November 10, 2016

5 Reasons Why IT Security Spending is Skyrocketing

Protecting confidential data from cyber criminals is expensive – and necessary.

Data is the world’s new natural resource, said Ginni Rometty, IBM chairman, CEO and president at a summit on information security last year.

“Data is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true – even inevitable – then cyber crime, by definition, is the greatest threat to every profession, every industry, and every company in the world.”

Global revenues for IT security hardware, software and services are forecast to grow from $74 billion in 2016 to $102 billion in 2020, according to International Data Corp. (IDC) research.

To protect data, security-related services accounted for nearly 45% of all security spending in 2016, the report said. The second largest category was security software including endpoint security, identity and access management, and security and vulnerability management software.  

5 trends in cyber crime that are contributing to the need for increased IT security spending:

  1. Ransomware: With ransomware, malicious software blocks access to a computer system until a ‘ransom’ is paid. Security vendor Kaspersky Lab reported a 30% increase in ransomware victims in 2016. Some security experts warn that paying the ransom does not guarantee information will be released. What to do: Regularly back-up data, and provide on-going training to teach employees not to open or click on unknown links (the most common way infections get onto computers).
  2. Internet of Things (IoT): IoT includes everything from smart appliances and wearables to industry-specific devices such as connected medical technologies. Many IoT devices have little to no security. A 2016 IoT Trends survey by Spiceworks showed that organizations connecting wearables to their network have nearly doubled since 2014, and the most prevalent IoT devices in the office are security cameras, projectors, gates, locks, RFID readers and badge readers. The biggest concern is that IoT devices create more entry points into the network. What to do: Implement a security policy and other safeguards for IoT device purchase and use in the workplace.
  3. Hackers-for-hire: Increasingly, professional hackers are available for hire to steal data or to hack companies or individuals just to cause chaos. An article in the New York Times last year even covered a mainstream website where these hackers advertise their services. What to do: Invest in IT safeguards such as firewalls, and keep them up-to-date.  
  4. Mobile devices: In the past,malicious software (malware) targeted desktops, laptops, and servers. But with the rise of mobile devices, BYOD, and remote workers, cyber criminals are aiming at smart phones and other mobile devices. What to do: Establish BYOD policies, teach mobile device best practices, and equip all devices with the most up-to-date safeguards.
  5. Continued growth: Cyber crime will continue its “stratospheric growth” over the next five years, according to a recent report from Cybersecurity Ventures. Data is the primary target but increasingly large scale distributed denial-of-service (DDoS) attacks attempt to disable entire networks. What to do: Keep all IT safeguards up-to-date. Do not stockpile old hard drives; instead, securely destroy hard drives and e-media.  

Protect confidential information in digital and paper formats from creation to disposal with a comprehensive document management policy.