The news this week has been on the successful cyber-attack of Sony Studios by agents of North...
Cybersecurity Spending More Proactive than Reactive
The future trend in cybersecurity is a focus on spotting potential breaches and stopping cyber attacks before they happen instead of reacting after an attack. This new focus, though, means CIOs in both the private and public sectors will have to shift their spending going forward.That’s the thrust of a survey of 101 CIOs by UBS AG, according to a Wall Street Journal article. Writer Steven Norton says, “The perception among CIOs about security has changed over the last 12 to 18 months as corporate leaders embrace new technology and see the devastating effects of high profile breaches like those at Target Corp.” Norton adds some enlightening research to his article. “The new spending is spurred by growing awareness of the increase in cyber threats. A Wall Street Journal analysis found that so far this year, 1,517 firms traded on the New York Stock Exchange or Nasdaq Stock Market listed some version of the words cybersecurity, hacking, hackers, cyberattacks or data breach as a business risk in their security filings. That number was up from 1,288 in 2013 and 879 in 2012.” StateTech Magazine says cybersecurity is a growth area for New York banks. The article states, “The majority of the banks — 77 percent — have seen their information security budgets increase in the past three years, according to a recent survey of 154 institutions by the New York State Department of Financial Services (DFS). Another 18 percent of the banks reported that their budgets have remained the same, and “[a]lmost no institutions reported a decrease in spending in the past three years.” Nearly 80 percent of New York’s banks reported that spending is expected to increase at least through 2017. Compliance and regulatory requirements, business continuity and disaster recovery as well as reputational risk are the key drivers that are expected to boost funding.Increased security funding for the state’s banks could mean good news for budding professionals. A TechAmerica survey, as reported by FierceGovernmentIT.com, finds “Improving cybersecurity emerged as the top priority again for federal chief information officers and chief information security officers. Sixty-three percent of respondents said cybersecurity issues were one of their top three priorities – more than twice as much as other mentioned priorities.”The article adds that a staggering amount of money will be invested by the federal government in fighting cyber attacks but it’s not enough. “Eighty-seven percent of respondents said their agencies have increased spending on cybersecurity, the survey said. And while next year’s fiscal budget requests $13 billion to improve cybersecurity, CIOs said a larger increase will be needed in the future,” the article said.The report, according to TechAmerica, “points to IT security, modernization/innovation, and cloud/mobility as government’s top IT priorities. Balancing these priorities, however, often includes transforming the mindset and workflow for the workforce and reflects some of the top challenges that were identified, including workforce, security and budget cost savings.” The survey, which is available for download, quoted one respondent who feels a qualified workforce is light years behind (in terms of the advancements in cyber attacks).The CIO stated the federal government is “five years behind in terms of talent.” The report adds, “During these tight budget times, the Federal government must be strategic in its use of technology and empower its workforce to provide internal and external stakeholders with needed services. Critical factors such as declining budgets, impacts of sequestration and shutdowns, and a workforce that is retirement eligible, and overworked are impacting the ability of CIOs to meet requirements and plan for the future. For the immediate future, CIOs must address a declining pool of contractors and Federal workers with the right skills and competencies,the impact of retirements, and a need for competencies including project management, leadership, business acumen, and strategic planning.”