Dive Brief:
- Amid a rising threat landscape and continued macroeconomic pressure, only about half of companies are getting the proper budgets they need to meet their current cybersecurity requirements, according to a study released Tuesday by the Neustar International Security Council.
- Less than one-third of IT and security professionals said their cybersecurity budgets would remain the same this year, while 6% expect them to fall. Of those, 44% said the budget stagnation or cuts will expose their businesses to more cyber risk, the study showed.
- “Macroeconomic issues are driving down spending across all sectors, and the way a lot of leaders are handling it is by cutting across all programs without careful consideration for where they’re making their cuts,” Carlos Morales, SVP of solutions at Neustar Security Services, said.
Dive Insight:
A growing number of major businesses in the U.S. and abroad are cutting budgets in the uncertain economic environment. A number of high-profile companies, including Amazon, Microsoft, Alphabet and others have announced thousands of job cuts in recent weeks. The layoffs come after the Federal Reserve repeatedly hiked rates to cool off rising inflation.
The Neustar report, based on the responses of 304 senior-level professionals across the U.S., Europe, the Middle East and Africa found that 4 in 5 executives believe the C-suite and board of directors at their organizations understand the existing threat levels. But more than two-thirds of respondents agreed that constraints on their budgets would limit their ability to respond to these threats.
The majority of respondents, 60%, said the most current risk is the rising sophistication of attacks, but more than half are also wary of the rising number of attacks.
Part of the long-term risk facing companies is in many cases they have converted to long term hybrid work, where employees only come into the office a few days a week and work from home the remainder of the week. The more geographically widespread deployment of workers has made it more challenging to secure the workplace from outside threats.
Morales said companies are increasingly turning to managed service providers in order to provide cloud-based security.
The study, which was conducted during fall 2022, reflects some issues raised by cybersecurity providers about customer spending decisions. In November, Palo Alto Networks reported a number of customers were giving potential security deals more scrutiny.
Companies have also started to consolidate the number of security vendors they work with, in part to reduce complexity, but saving costs has also been a factor.