It’s hard to believe, but it is time to start thinking about 2018. I expect that any day now, the security predictions for next year will be arriving in my inbox.
I got my first glimpse at what IT decision makers will be thinking about in 2018 at the SpiceWorld conference in Austin. Spiceworks, which sponsored the conference, released its study, 2018 State of IT, and found that 44 percent of companies expect their IT budgets to increase. I, of course, wanted to know how security fits into these budget outlooks, and that’s what I asked Peter Tsai, senior technology analyst with Spiceworks.
Companies do plan to increase security-related budgets in both hardware and software, with a 7 percent increase in security appliances and a 10 percent increase in security software. The reason for the increased budget allocations for security tools is clear, Tsai said. Security is one of the biggest challenges that companies face today. The aftershocks of a breach are devastating.
It’s not just the concern over security incidents, Tsai added. There are more endpoints that need to be secured. Cloud computing adds “just another thing” to manage, and then there is the Internet of Things (IoT). As Tsai said to me, you have all of these devices that were never meant to have connectivity in the first place, and now that they do, they are designed and manufactured by companies that don’t have any experience in security. You can’t build security into a device if you don’t know what security should look like. Finally, even if a company does have some understanding of security, updating the software on the device may not be easy. Organizations need to spend the money on security systems that will address the missing security in IoT.
But there is another reason why security spending is on the rise, and why security software is near the top of the software budgeting list, Tsai said:
Basic security tools aren’t working anymore, and businesses are finally figuring that out.
The new security spending is focusing security systems with intelligence built in, allowing organizations to get a better view of what’s happening within their networks.
Of course, there is one area where increased spending on software and hardware won’t help, Tsai admitted. People are always going to be your biggest challenge. They will make mistakes that will turn into security incidents, and if you work with third-party vendors, there needs to be a trust level that they take security seriously (and are honest with you about it).
I’m not surprised that organizations plan to spend more on security tools, but considering the high-profile breaches and what we’ve witnessed in 2018, I would have hoped the numbers would have been higher. I think there should be some spending on security training, too, to decrease the risks caused by end users.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba