Security professionals attending the Omdia Analyst Summit at the Black Hat conference in Las Vegas emphasized the importance of cybersecurity investment in today’s digital landscape. With new attack techniques emerging and an increasing number of attempted breaches, organizations are facing significant challenges to remain secure, compliant, and resilient. These difficulties are further compounded by staffing shortages, making it even more crucial for organizations to justify the need for additional cybersecurity investment.
Maxine Holt, a senior analyst at Omdia, acknowledged the dilemma faced by organizations, stating that despite the security challenges, they must remain continuously available to customers while also leveraging digital opportunities. She likened the situation to a “carrot and a stick,” where the sticks symbolize cyberattacks, and the carrots represent the digital opportunities that can benefit organizations in serving their customers better.
One of the primary motives for organizations to invest in cybersecurity is to become the most trusted entity by their customers, partners, and anyone they engage with. By adhering to the Golden Rule principle of treating others’ data as they expect their own data to be treated, organizations can establish and maintain trust. Holt cited Walmart as an example, highlighting the retail giant’s multi-million-dollar investment in cybersecurity over the past decade. As a result, Walmart positions itself as the world’s most trusted retailer, emphasizing trust over mere security.
Moreover, organizations seek a return on their security investment, which aligns with their embrace of digital opportunities. While some owners view cybersecurity as a commodity and believe their organizations to be secure, other departments recognize that digital transformation cannot be pursued without a corresponding focus on cybersecurity. Therefore, organizations are increasingly seeking a tangible return on their security investment to fuel further investment. According to Holt, the best outcome is a lack of incidents or breaches, but this may not excite the CFO. Instead, the investment in security should be seen as an opportunity for innovation and gaining a competitive edge in the market.
Holt concluded by highlighting the importance of evolving cybersecurity from a tick-the-box approach to a continuous management process. This evolution necessitates buy-in from the C-suite, prompting security teams to advocate for the resources and support they require. As resilience becomes a critical business objective, organizations must strike a balance between security resilience and overall business resilience. By positioning cybersecurity as a fundamental component of managing and sustaining growth, it can be recognized as a core aspect of the business that supports customers and the delivery of products and services.
In summary, the ongoing challenges of cyber threats, staffing shortages, and the need to seize digital opportunities have compelled organizations to prioritize cybersecurity investment. Trust and customer-centric focus are crucial in justifying these investments, as organizations strive to become the most trusted entities in their respective industries. Furthermore, organizations are increasingly recognizing the importance of achieving a return on their security investment, not only to maintain security but also to drive innovation and competitiveness. To be effective, cybersecurity must transition from a checklist approach to a continuous management strategy, backed by support from the C-suite. Overall, solid cybersecurity and a strong focus on its continuous improvement are fundamental to the long-term success and sustainment of organizations in today’s digital landscape.