Getting the most out of your cybersecurity spend
With more digital initiatives underway, it’s not the cybersecurity budget that matters, it's the business impact that counts.
Over the last year, companies in the Middle East have been digitising faster than any of us would have expected with virtual services and increased automation being introduced over weeks or months rather than years. As a result, cybersecurity has become, and will likely continue to be, an urgent priority for organisations.
With plans for even greater digital transformation in place and more people working remotely, old approaches to keeping critical data safe are being reassessed. This is being translated into spending and plans to hire more cybersecurity experts, despite the pressure on revenues as the region comes out of the pandemic. Yet it has also been found that companies are unsure about whether they are using their cybersecurity budgets to best effect.
In our annual Global Digital Trust Insights Survey for 2021, we found that more than half of the survey participants lack the confidence that they are investing in the right measures for the risks they may be exposed to. We see two main issues resulting from this - gaps in their provision, and excessive spending to cover all bases which may not be needed.
The temptation to double down on security provisions when threats could be anywhere is understandable. No one with a remit including cybersecurity wants to be responsible for a breach at such a vulnerable time for business and the global economy. However indiscriminate spending is risky too, especially when budgets are under intense pressure.
So how can companies maximise the impact of their security spending?
The starting point is better information. Without the ability to tally spending with outcomes and benefits, decision-makers are planning in the dark. They’re also prevented from linking their activities to value creation. This is a significant missed opportunity because from experience working with clients shows that well-targeted cybersecurity spending can deliver better risk management, more cost-effective compliance, faster digital transformation and improved customer experiences.
Cyber budgets should also be linked to overall enterprise or business unit budgets in a strategic and data-driven way. Positively in the region, around half of the survey respondents said they are trying new budgeting processes, and considering how best to convince their CEO’s and boards to assign needed funds – while simultaneously showing them that they are actively striving to do more with less, through smart automation, insights and streamlined technology.
Always on: building resilience
As more and more services and business processes are digitised, companies need to be sure that if a disruptive cyber incident occurs, critical business functions will stay up and running. As a result, an increased number of Middle East companies will be moving their operations and security provisions into the cloud, doing away with static, inherently insecure legacy systems in favour of dynamic, integrated cloud/network systems that are secure by design.
This would be argued as another key part of effective cybersecurity spending, because real-time threat detection is imperative to stave off both expected and curve-ball threats.
Companies across the Middle East are resetting their cyber strategies and trying to build cybersecurity into every business decision. Increasing their insight into the impact of existing investment will help justify new targeted cybersecurity technology spending, to keep pace with increasingly sophisticated digital threats.
Contact us
