The annual State of IT report released by Spiceworks Ziff Davis, a global marketplace that connects technology buyers and sellers with the most actionable and precise intent data, shows that managed services spending is projected to increase in 2022. One specific area that will continue to see growth is managed security services. According to the report:
“In 2022, enterprises are expected to spend a significantly greater portion of IT budgets on security appliances. In fact, enterprises — with their bigger attack surfaces — are more likely to increase IT spending due to security concerns overall.”
Cybersecurity experts are pleased that companies finally seem to be willing to spend more on security, and MSPs stand to increase revenue in 2022 from this trend. But how does Ziff Davis show security budgets being allocated? And how do independent experts view the shifting priorities?
Holistic security solutions a must
According to State of IT report, the top security expenditure in 2022 is expected to be employee security training tools (ESTT).
“Companies can no longer focus on singular solutions, they have to be holistic. The tools used to train employees in security protocols can be everything from cloud-based solutions to end-user education,” says Mike Medford, a cybersecurity specialist in Honolulu. “It used to be that there were more `silver bullets’ available to contain security threats, but that simply isn’t the case anymore. Companies must cast a wider net and that is ESTT.”
Tied with ESTT for first place is anti-ransomware. The fact that spending is expected to increase on anti-ransomware solutions should come as no surprise as ransomware has run rampant in 2022, taking down cities, critical infrastructure, and schools.
“Again, these anti-ransomware solutions must be holistic, you can’t just purchase software and expect all your ransomware worries to go away. Yes, software is a part of it, but so is end-user training, and network segmentation,” Medford advises.
Hardware-based authentication (HBA) a possible game-changer?
One trend that is gaining ground — and one that Smarter MSP will be exploring more in an upcoming security article – is hardware-based authentication. The Ziff Davis State of IT report shows that 68 percent of respondents reported that hardware-based authentication is a priority for them.
The advantage of hardware-based authentication (HBA) is that someone has to be physically in control of a device to operate it. Often these are security tokens or USB devices, so the only way a hacker could get into a system would be to physically possess it.
Similar to the way that a key card is required to access most hotel room, the only way to get into HBA protected systems is with a physical device. The same principle has been the norm with cars, whether it is the old-fashioned key or the more modern keyless cars with transponders. No key or transponder, no driving.
“HBA is going to see exciting growth in the years ahead. While cybersecurity has been a cat and mouse game for years, a robust HBA program could finally put some space between the cat and the mouse.,” Medford anticipates.
Breach Detection and Response products will become increasingly important as the post-COVID era continues to create hybrid work conditions and work stays in the cloud.
“Advances in AI are making breach detection the equivalent of a guard dog on the front porch, except products today provide 24/7 protection. Even the best guard dog has to sleep, not so for breach detection and response products and that is where you’ll see a lot of growth,” Medford points out.
And, lastly, the Spiceworks Ziff Davis report flags Zero Trust security solutions as a priority among 57 percent of respondents.
“I am happy to see many organizations embracing zero trust. Zero Trust’s reliance on requiring all users, from the CEO to the janitor, to be authenticated, credentialed and authorized continuously is really making life harder for hackers,” Medford says.
There are other areas that experts say will see growth in security budgets in 2022 that MSPs can leverage. Among the most poised for growth: user training.
“More and more MSPs are making user training a top priority. If a breach happens, often the MSP is blamed and sometimes a contract terminated. An MSP has a very expansive role and the burden for security needs to shift to a shared model. Users have to bear some responsibility, and that is where education will continue to play a big role,” Medford describes.
Medford also cites statistics that show after proper implementation of cyber hygiene and IT training, companies have found that 80 percent of breaches are preventable. Other security expenditures include off-site storage for data, end-of-life hardware destruction, and IoT fortification.
“All in all, 2022 looks like a very good year for MSPs when it comes to revenue from security spending,” Medford concludes.
Photo: RossStock / Shutterstock