A recently published report by cyber advisory and solutions firm Optiv reveals a substantial 59% year-over-year increase in cybersecurity investment, underscoring organizations’ growing priority on cyber defense. The 2024 Threat and Risk Management Report, based on a survey of 650 IT and cybersecurity professionals by the Ponemon Institute, outlines how companies navigate the complex and evolving cyber threat landscape.
According to the report, 63% of organizations with over 5,000 employees allocated an average of $26 million to cybersecurity in 2024. This significant financial commitment reflects the heightened focus on advanced technologies like artificial intelligence (AI) and machine learning (ML) to enhance threat detection, prevention, and process automation capabilities. These tools are seen as crucial in keeping pace with sophisticated threat actors who also employ AI and ML.
Security Tools
Despite these investments, the report identifies a critical issue: 40% of respondents believe their organizations have too many security tools, which hinders overall effectiveness. Only 29% feel they have an optimal number of tools. This finding emphasizes the need for a strategic approach to streamline and integrate existing technologies to build a cohesive and effective cybersecurity infrastructure. Put simply, sometimes less can be better.
The prevalence of cyber incidents remains high, with 61% of respondents experiencing a data breach or cybersecurity incident in the past two years and 55% facing four or more incidents within the same period. This alarming trend highlights the urgent need for robust cybersecurity strategies and smarter investments.
Optiv’s report also reveals key investment areas for 2024, including internal security assessments (60%), identity and access management (IAM) programs (58%), and acquiring additional cybersecurity tools (51%). Despite the increased budgets, only 36% of respondents have a formal approach to determining cybersecurity budgets, leading to potential inefficiencies and overlooked security gaps.
SOAR Technology
The adoption of security orchestration automation and response (SOAR) technology is on the rise, with 73% of respondents utilizing SOAR to automate incident response activities, enhancing their ability to respond efficiently to threats. Additionally, the report shows that 44% of respondents use AI/ML to prevent cyberattacks, while 35% have purchased use-case-specific tools.
Increasing Budgets
“Cyber incidents are not slowing down, which means organizations must work at a speed above those of the threat actors attacking their environments. As we see security budgets increasing, many organizations are also recognizing the need to make smart investments in process and governance assessments to ensure compliance,” says Jason Lewkowicz, executive vice president and chief services officer at Optiv. “Establishing a more consistent, strategic approach to security technology, process and people management will be essential for organizational risk management and resilience.”
Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, notes the increasing awareness among IT professionals and senior leaders about the necessity of strengthening their security posture. “Our independent research for Optiv reveals the positive steps organizations are taking to reduce risk, while also addressing the challenges they face in the evolving cyber threat landscape,” says Ponemon. “Part of the complexity organizations continue to face in dealing with threats is due to the number of ineffective technology tools. Recognizing this, IT professionals and senior leadership are becoming more cognizant of the importance in strengthening their security posture, resulting in the increase of cybersecurity budgets and allocating funds based on proven effectiveness in reducing security incidents.”
Get the full report here.
Other News: Cyber Insurance Market Surges Amid Escalating Cybersecurity Threats – Report(Opens in a new browser tab)