informa
/

How SolarWinds Changed Cybersecurity Leadership's Priorities

A new survey shows how IT security leaders have changed their focus after the SolarWinds attack and a year of the pandemic.

If you were looking for a job in IT during 2020 or 2021, you probably couldn't have chosen a more in-demand IT specialty than cybersecurity. Between securing the devices of hordes of new work-from-home employees and responding to new threats on the horizon like the SolarWinds hack, organizations were investing in hiring more security pros at a time when many other workers in the job market were afraid of being laid off. In the weeks following the Colonial Pipeline ransomware attack, there's no sign of that changing.

That's one of the findings of a new survey of 300 security leaders in the US. The survey also looked at investment priorities for security leaders, how closely these leaders worked with their CEOs, their plans for security automation technology, and other trends, too. It was the fifth annual survey commissioned by Scale Venture Partners and conducted by Market Cube.

A full 40% of respondents in this year's survey said they increased security headcount in 2020. Of those who increased headcount, 32% said it rose by 50% or more.  What's more, 63% said their security budget increased over the past 12 months. Of those who increased their budget, 45% said it had doubled. (For context, 31% of survey respondents worked at firms of 500 to 999 people; 28% at firms of 1,000 to 2,499 people, and 18% at firms of 2,500 to 5,999 people.)

Staffing continues to be a challenge in cybersecurity, according to Ariel Tseitlin, a partner at Scale Venture Partners who specializes in cloud and security. The demand for security pros increased over the last year during the pandemic amid new and serious security incidents.

"I don't know that we can do much to accelerate the rate of supply of security professionals," he said. Instead, he believes the market will turn to two other possible solutions to resolve the imbalance between supply and demand for talent -- security automation tools or security products being bundled with services.

Ariel_Tseitlin_ScaleVenturePartnersCP.jpg

Ariel Tseitlin

This higher demand was driven by new threats and a changed environment that included a huge pivot to move workforces to work from home. Of security leaders surveyed, 36% attributed an increase in certain types of incidents to the move to work from home. A full 52% of security leaders said that security incidents involving attacks on compromised data, devices, systems, or networks increased.

But one of the biggest incidents on every security leader's mind was the SolarWinds hack.

"SolarWinds catapulted attention to third-party risk and vendor risk to the forefront," Tseitlin said. "Everyone realized they didn't have very good visibility."

The Scale survey showed that security leaders are retooling their security operations in response to the changing threat environment. For instance, 57% said they increased integration with other teams such as IT and software development. Also, 36% said that they expected third-party risks to rise over the next 12 months. What's more, 47% said third-party risks are a top factor affecting the C-suite's understanding of the business impact of security, behind data breaches at 57% and remote work at 54%.

What are these organizations doing to mitigate third-party risks? Performing audits of third-party vendors' procedures topped the list at 51%. Other measures included relying on third-party risk rating services (48%) and asking vendors to complete self-assessment questionnaires (47%).

Tseitlin said that the survey revealed that organizations are building security automation technology to help deal with the growing tools sprawl. For instance, 51% of respondents said they created an in-house cybersecurity solution in the past 12 months, and 23% said they had built security automation technology.

"There are so many different tools out there," Tseitlin said. "Organizations are looking to invest in software that consolidates and coalesces all the different signals from security tools."

Related Content:

Experian’s Identity GM Addresses Industry’s Post-COVID Challenges

MassMutual CISO Talks Cybersecurity Priorities

Cybersecurity, Modernization Top Priorities for Federal CIOs

The Year in Security: Adversarial AI and the Rush to the Cloud

 

Editor's Choice
John Edwards, Technology Journalist & Author
Jessica Davis, Senior Editor
John Edwards, Technology Journalist & Author
John Edwards, Technology Journalist & Author
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing