By Douglas Concepcion
Based on the historical trend established over the last few years, it is expected that the number and sophistication of cyber-attacks will continue to increase. 54% of the professionals in the cybersecurity space anticipate a successful attack against their organization within the next twelve months. Even though security budgets have been increasing over the last several years, the return on the investment has been decreasing, i.e., what is known as the trickledown effect. This means that nation states and sophisticated actors (all black hat hackers) have been developing very powerful tools over the past (approximately) ten years, and as with all technical development, the tools eventually make their way into the public space. In these cases, very innovative malware is now being used by criminal actors to circumvent the cybersecurity (hardware and software) of organizations. Due to this level of concern, most organizations, on average, are increasing their security budget by 21% in the coming year, with a focus on securing planned or existing cloud infrastructures, applications, training and education of staff and mobile devices.
The biggest hurdles experienced by organizations is lack of knowledgeable or skilled employees in cybersecurity; with an overall shortage worldwide of about 800,000 at the present time, that number is expected to increase to 1.7 million unfilled cybersecurity positions globally by 2020. This shortage is causing organizations to increase training of existing staff in cybersecurity, and to contract with companies that offer Managed Security Service Provider (MSSP) and Managed Service Provider (MSP) services. A primary reason for the outsourcing to one of these organizations is that these service providers already have a dedicated staff in place 24/7, with the required skill sets for managing cybersecurity. This removes a large portion of the security personnel burden from the organization, while also sharing the responsibility of security operations.