2022 needs to see more spending on cybersecurity.

The annual State of IT report released by Spiceworks Ziff Davis, a global marketplace that connects technology clients and vendors with the most actionable and precise intent data, shows that managed security services spending is projected to increase in 2022. According to the report:

“In 2022, enterprises are expected to spend a significantly greater portion of IT budgets on security appliances. In fact, enterprises — with their bigger attack surfaces — are more likely to increase IT spending due to security concerns overall.”

Cybersecurity experts are pleased that companies finally seem to be willing to spend more on security. But how does Ziff Davis show security budgets being allocated? And how do independent experts view the shifting priorities?

Holistic security solutions a must

According to State of IT report, the top security expenditure in 2022 is expected to be employee security training tools (ESTT).

“Companies can no longer focus on singular solutions, they have to be holistic. The tools used to train employees in security protocols can be everything from cloud-based solutions to end-user education,” says Mike Medford, a cybersecurity specialist in Honolulu. “It used to be that there were more `silver bullets’ available to contain security threats, but that simply isn’t the case anymore. Companies must cast a wider net and that is ESTT.”

Tied with ESTT for first place is anti-ransomware. The fact that spending is expected to increase on anti-ransomware solutions should come as no surprise as ransomware has run rampant in 2022, taking down cities, critical infrastructure, and schools.

“Again, these anti-ransomware solutions must be holistic, you can’t just purchase software and expect all your ransomware worries to go away. Yes, software is a part of it, but so is end-user training, and network segmentation,” Medford advises.

Hardware-based authentication (HBA) a possible game-changer?

One trend that is gaining ground is hardware-based authentication. The Ziff Davis State of IT report shows that nearly 70 percent of respondents reported that hardware-based authentication is a priority for them.

The primary advantage of hardware-based authentication (HBA) is that someone has to be physically in control of a device to operate it. Often these are security tokens or USB devices, so the only way a hacker could get into a system would be to physically possess it.

Similar to the way that a key card is required to access most hotel room, the only way to get into HBA protected systems is with a physical device. The same principle has been the norm with cars, whether it is the old-fashioned key or the more modern keyless cars with transponders. No key or transponder, no driving.

“HBA is going to see exciting growth in the years ahead. While cybersecurity has been a cat and mouse game for years, a robust HBA program could finally put some space between the cat and the mouse.,” Medford anticipates.

Breach Detection and Response products will become increasingly important as the post-COVID era continues to create hybrid work conditions and work stays in the cloud.

“Advances in AI are making breach detection the equivalent of a guard dog on the front porch, except products today provide 24/7 protection. Even the best guard dog has to sleep, not so for breach detection and response products and that is where you’ll see a lot of growth,” Medford points out.

And, lastly, the Spiceworks Ziff Davis report flags Zero Trust security solutions as a priority among 57 percent of respondents.

“I am happy to see many organizations embracing zero trust. Zero Trust’s reliance on requiring all users, from the CEO to the janitor, to be authenticated, credentialed and authorized continuously is really making life harder for hackers,” Medford says.

There are other areas that experts say will see growth in security budgets in 2022. Among the most poised for growth: user training.

“An MSP has a very expansive role and the burden for security needs to shift to a shared model. Users have to bear some responsibility, and that is where education will continue to play a big role,” Medford describes.

Medford also cites statistics that show after proper implementation of cyber hygiene and IT training, companies have found that 80 percent of breaches are preventable. Other security expenditures include off-site storage for data, end-of-life hardware destruction, and IoT fortification.

Specialized IT professional services

Securing against cybersecurity threats and ransomware requires a proactive approach. An IT professional services provider must balance security protocol and compliance to minimize business risks. Speak to a NUMENTIS representative to understand how you can protect your business from ransomware attacks.