Security teams face pressure revolving around a larger and more complex attack surface with geopolitical turmoil and economic uncertainty looming about as well. The larger attack surface requires teams to monitor environments 24/7, but the teams struggle to do that.
And the reason is simple. Security costs continue to rise and are expected to rise into 2023. The top three reasons for the rising security costs are digital transformation initiatives, increasing regulations and response to cyber incidents, according to a Deepwatch survey.
Think about it. Organizations continue to pursue digital transformation in the form of cloud migration, remote work, IT modernization and IoT adoption to improve business outcomes. Security teams need to manage the digital risk associated with these changes.
When it comes to regulations, additional security costs are no surprise considering ongoing developments in breach reporting requirements, digital privacy laws and heightened White House attention on cybersecurity, especially due to ongoing geopolitical conflict.
Organizations are also reacting to the general rise in targeted attacks and understanding the need to protect against highly disruptive threats like ransomware.
“Regulatory developments around both incident reporting and privacy will undoubtedly continue to ramp up in 2023,” said Bill Bernard, assistant vice president, security strategy at Deepwatch. “Between differing perspectives on reporting timelines and the multiple agencies and authorities involved, breach notification compliance will be complex and challenging for security teams.”
Cybersecurity insurance is another cost concern for 78% of security professionals, according to the survey. More than a third said it’s already too expensive, and another 39% said that while they believe cyber insurance offers value today, that won’t be the case if prices go up further.
With the rising costs, the security web opens up a little bit. So, the question then becomes, how do security teams stop the rising threats? For starters, security teams decide that investments in their respond and detect functions of the NIST framework are a must now. Of course, that is easier said than done, but every enterprise needs to put in effort and money to monitor environments 24/7.
“Running a security operations center internally is a huge undertaking, and many are not only alleviating that workload through managed detection and response partners,” said Bernard. “But they are also getting increased efficacy from MDR specialists that are built to give the highest fidelity alerts and rapid response actions to contain threats swiftly.”
Companies such as Deepwatch provides platforms that leverage security telemetry across data sources to detect complex threats and provide complete real-time response. Deepwatch offers peace of mind and assurance that threats are rapidly and holistically addressed, unlocking a new level of security that supports business outcomes.
Edited by Greg Tavarez