Cybersecurity was a significant catalyst in facilitating productive remote work and ensuring business continuity in 2020.
As businesses continue to scale existing cyber solutions, enhance critical capabilities like MFA and accelerate the adoption of security models like Zero Trust to meet an increasingly treacherous threat landscape in 2021, it’s little surprise that cybersecurity spending is set to increase.
The 2021 Gartner CIO Agenda survey found organisations in Australia are forecast to spend more than $4.9 billion on enterprise information security and risk management products and services in 2021, an increase of 8% year-on-year. “With the opening of new attack surfaces due to the shift to remote work, cybersecurity spending continues to increase. 67% of ANZ respondents are increasing investment in cyber/ information security, second only to business intelligence and data analytics (73%),” the survey stated.
Gartner’s senior research director Richard Addiscott said the focus on security and risk was “due to major attacks like the SolarWinds supply chain cyber-attack, proposed legislation such as the Security Legislation Amendment (Critical Infrastructure) Bill 2020 and regulatory obligations”.
It’s heartening to note that businesses are continuing to prioritise and increase investments in cybersecurity. One of the things that 2021 has shown us so far is that the war on cybercrime is far from over. Three months into the year and the number of companies impacted by disastrous supply chain attacks (like those on SolarWinds, Accellion and Microsoft Exchange) continues getting bigger, with headlines emerging everyday of cyber-attacks successfully exploiting security gaps in remote working policies.
Now, more than ever, our customers need solid cybersecurity measures and strategies to protect their businesses. With such high stakes involved, we need to review how our customers can get every ounce of value out of every cybersecurity investment they make – whether those investments are in their technology, processes or people. As you continue helping your clients fortify their cybersecurity strategies and helping them get the best bang for their buck, here are a few things to keep in mind.
Aligning tech investments with security gaps
The United Nations’ Secretary-General, António Guterres, warned recently that as the diverse and severe impacts of the COVID-19 pandemic continue to be felt across the world, “unemployment has skyrocketed. Temporary business closures are becoming permanent. Rebuilding to pre-crisis levels of employment and output may take years”. For companies who are attempting to recover losses encountered in 2020 and are under considerable logistical and financial limitations, increased spending on cybersecurity may strain budgets further, making the efficiency of those investments all the more critical.
It never hurts to remind ourselves and our clients that investing in the most advanced and up-to-date cybersecurity solutions doesn’t necessarily guarantee overall improved security — it’s all about whether those solutions are best fit to address the vulnerabilities present in their overarching cybersecurity strategy. If a business is suffering from malicious spam, for instance, but they have invested big money in an advanced security analytics platform, they may find their cyber defences lacking in other key areas. In such a case, it would make sense to downgrade their security analytics and channel that money into a cloud email security provider.
We always recommend doing a risk analysis and seeing where most incidents occur. Companies need to be able to ask the hard questions and not only find out what’s working and what isn’t, but whether they are doing all that they can to get full value out of their cybersecurity investments. Talk to your customers and their stellar security teams to identify the gaps and weaknesses of their existing cybersecurity strategy and then determine the thinking, process and purpose behind the changes they implement. This will increase confidence that their resources are being used as efficiently as possible.
For many businesses, email security continues to be a big problem. The Office of the Australian Information Commissioner (OAIC) revealed in a report this year that “email-based vulnerability is one of the greatest risks” facing Australian firms, identifying phishing emails as the most common method used by hackers to obtain compromised credentials between July and December 2020. Email is a critical tool and arguably the most important means of communication among many businesses, making it an imperative for companies to implement and invest in the right email security solutions that can protect their inboxes.
Adopting a multi-layered strategy
Investing in the right technology is, however, just one part of the solution. We recommend adopting a multi-layered approach to ensure your customers’ cybersecurity strategy is up to scratch. It’s sometimes referred to as a ‘defence in depth’ approach, designed to defend a system against attacks using several different methods, in the event that if one fails, the others will stop the threat. Along with technology, processes and people are all equally as important when facing cybersecurity challenges and aligning all three will help in mitigating any incoming cyber risks, ensuring your customer’s business is protected.
In the case of email security, as a business, your clients may already have native security in place from Google or Microsoft, but it is also prudent to adopt a ‘defence in depth’ approach and invest in another layer of protection to combat email threats. For example, using a third-party cloud email solution like MailGuard to complement Microsoft 365.
We often focus on getting the technology right in cybersecurity and are tempted to ensure our systems are protected by state-of-the-art innovations. But it’s also essential that we’re spending appropriate time and resources enabling our customers and their teams to become cyber defenders and empowering them with the knowledge to make the right choices.
To assist customers to stay abreast of the latest in cybersecurity, we recommend visiting the MailGuard Partner Blog regularly. Here, we collate the latest threat intelligence and key cyber trends and lessons in a variety of resources, including thought leadership, whitepapers, case studies, infographics and many more. Sharing these with your customers can help to develop more strategic & well-informed discussions on navigating existing and/or incoming cyber challenges, including investing in the right technology and type of training.
Commenting on the survey’s findings, Andy Rowsell-Jones, distinguished Research Vice President at Gartner said:
“Last year, I told CIOs that success in 2020 meant increasing the preparedness of both the IT organization and the enterprise as a whole to withstand impending business disruption. This truth came at enterprises full force with the COVID-19 pandemic. In 2021, CIOs must build on the momentum they created for their enterprises and continue to be involved in higher-value, more strategic initiatives. The better CIOs perform for the business, the more the business will ask of them next year.”
Among other things, 2020 reminded us how fundamental cybersecurity is to business continuity and as we navigate a new normal in a post-pandemic 2021, it is encouraging to see a continued focus on enhancing cyber resilience. Let’s use this as an opportunity to continue enhancing the effectiveness of our customers’ cybersecurity approaches and investments to help their businesses become more cyber resilient than ever.
Talk to us
MailGuard's partner blog is a forum to share information and we want it to be a dialogue. Reach out to us and tell us how we can serve you better. You can connect with us on social media or call us and speak to one of our consultants.
Australian partners, please call us on 1300 30 65 10
US partners call 1888 848 2822
UK partners call 0 800 404 8993