Pandemic causes majority of businesses to shift their cybersecurity strategy
An overwhelming majority of Canadian businesses (97%) say they will shift their cybersecurity strategy as a result of increased digitalization driven by the Covid-19 pandemic, according to a recent survey from PwC. The consulting firm’s "Digital Trust Insights" report polled more than 3,000 business and IT executives globally, including a significant number in Canada.
“Traditional approaches to cyber are struggling to keep up with the pace and scale of digitization and automation. And they're slowing down business strategies and impacting both the top and bottom line,” said Saj Nair, national leader for cybersecurity, privacy & financial crime, PwC Canada. “So it's really not surprising that nearly all Canadian executives say their cybersecurity strategies will shift as a result of Covid-19."
Fortunately, tech leaders won’t have to struggle with a smaller cybersecurity budget next year – given the jump in cyberattacks amid the shift to work-from-home setups. Though two-third of companies is Canada expect to see revenues decline next year, 56% expect to see an increase in their cyber budgets. However, only 34% believe their cyber budget is being allocated to the most significant risks.
With increasing adoption of cloud, automation, and IoT systems, tech leaders will have to use advanced security methods to level the playing field with hackers. The top approaches that Canadian organizations have implemented are security orchestration and automation (19%), modern identity and access management (17%), and integrated cloud and network security (17%).
Companies will also look to build resilience, as 2020 has brought a surge in intrusions, ransomware, data breaches, and phishing attempts. More than half (57%) of Canadian execs plan to increase resilience testing to make sure critical business functions continue to operate in the event of a breach.
Canadian respondents believe criminals (55%) and current employees (49%) are the most likely cyberattack perpetrators, and that attacks on cloud services (56%) ransomware breaches (51%) and disruptionware attacks on critical business services (51%) are the most likely types of attack.
Firms unsurprisingly want to boost their cyber talent, with 42% planning to add full-time cybersecurity personnel to their teams. However, because of the scarcity of talent in the high-demand field, 94% use or plan to use managed services.
In terms of the technical skills they’re looking for in new hires, the most popular choice was expertise in cloud solutions. Tied for second were specialization in new tech (AI, IoT, blockchain) and security intelligence expertise (40%).