Businesses to spend more on security as the number, size of cyberattacks grow

Dive Brief:

Nearly 70% of organizations expect an increase in the "the number and size" of cyberattacks in the next 12 months, according to Deloitte's Cyber risk in the wake of COVID-19: Building Greater Resilience survey of more than 880 C-suite members and executives on June 1. The "cyber events" they expect to increase target their organization.
More than half of respondents, 56%, are increasing their security spending in response to COVID-19-related "disruption," according to the survey. Less than one-third of respondents, 29%, don't anticipate a change in spending.
The greatest security hurdles related to COVID-19's disruption are insider threats and identifying the location of malicious activity. Executives are also concerned about upholding 24/7 security coverage and maintaining privacy and security regulations.

Dive Insight:

There are six reasons tucking is generally vulnerable to cyberattacks, according to Mark Murrell, co-owner of online driver training provider CarriersEdge: It's a high-dollar business, it has weak IT policies and management, firms use outdated equipment, staffs get minimal security training, companies are centralized and local, and they aren't worried about attacks.

"While there is slow movement towards rectifying a few of those things (e.g. newer IT equipment, moving data to the cloud), it won’t really matter if the company has weak passwords, or the undertrained staff are clicking on the wrong links and opening up their networks to malware and ransomware," Murrell wrote in a LinkedIn post in May.

Trucking was vulnerable before the pandemic, but COVID-19 changed how businesses run. Consequently, security has to adapt.

Gartner adjusted its expected spending on information security for 2020 with cloud security leading the charge. Cloud security is expected to increase 33.3% year-over-year, reaching $585 million in 2020. On-premise security, including network security equipment had the steepest decline, projected to drop 12.6% year-over-year.

"Frankly, the reason why many organizations require brick and mortar working, is either because there is a lack of security or because of legacy processes," said Kennedy.

IT will likely spend the next three to five years reckoning with legacy systems that tie them to an office as a result of COVID-19's disruption, according to Chris Kennedy, CISO and VP of Customer Success at AttackIQ, told Transport Dive sister publication CIO Dive. "These security investments are, well, the new architecture. It used to be concentrations and localities," but there is no locality anymore with a remote workforce, he said.

Without a central location, endpoint visibility is at the forefront of security, behind employee behavior and training. But the breakdown of an in-office security mindset and physical deterrence, such as cameras, challenges organizations' ability to track insider threats. Businesses had to reevaluate their insider threat program's capacity for perceiving threats outside the office.

Adjusting to a security perimeter that reaches every employee's home created a minefield of potential misconfiguration because tools were deployed too quickly. "Attackers prey on entropy, as in, when you move fast, you likely screw stuff up," such as VPNs, said Kennedy.

Annual business impact assessments will likely look different by the end of 2020, said Kennedy. How long would it take for an organization to recover from a cyber event — a day, a month, a year?

Before COVID-19, building a resiliency model for an entire workforce working from home for a year was unlikely, said Kennedy. "There was always just more important stuff to do, but here we are."