Doing more with less: Cybersecurity in 2021

Seemingly overnight, the pandemic changed the way we work, and infosec departments are still adjusting. What’s on the horizon for employees in the coming year?

The events of the past year have forced many companies to change their approach to work and, by extension, information security. Seeking to learn about their pandemic-related challenges, we polled 5,266 IT decision-makers in 31 countries. Respondents talked about the threats they encountered, the costs of cyberincident recovery, and the current state of security within their organizations.

To learn more about major trends of the past year, forecasts for the coming year, and recommendations from Kaspersky and invited experts, see our report, “Plugging the gaps: 2021 corporate IT security predictions.”

IT departments have to get creative

Although the number of cyberattacks continues to rise, security budgets for IT departments in general are shrinking.

  • In 2020, spending by large companies (1,000 or more employees) on cybersecurity fell by an average of 26% against the year before;
  • In the SMB segment (50–999 employees), IT budgets are also down by about 10%;
  • Spending on IT departments and information security is likely to decrease further.

In other words, IT teams will have to do more with less.

Perimeter security is becoming irrelevant

Company software has moved to home computers and personal smartphones, so companies can no longer rely on a secure corporate network segregated from a dangerous external environment. According to our experts, the best protection strategy for companies will involve inspecting cybersecurity and certifying employee workplaces.

Training must be practical and coherent

Working from home, employees cannot always rely on corporate security and prompt assistance from IT. Therefore, more than ever, they need up-to-date, applicable knowledge about cyberthreats and how to stay safe. Their training must be systematic and extensive — a handful of seminars will not suffice.

Outsourcing helps cut HR costs

Maintaining a full roster of highly specialized cybersecurity experts is expensive for every company type and size, from SMBs to the largest enterprises. Therefore, reliable MSSPs (managed security service providers) are more important than ever. At the same time, experts recommend additional training for in-house infosec staff (if any), so that they can manage outsourcing.

Cloud services will take off

According to IDG, spending on cloud services in 2021 will consume about 32% of IT budgets, so it is essential to oversee the platforms’ monitoring and security. Experts strongly encourage deploying tools for analyzing employee actions, including use of unauthorized third-party software and cloud services, as well as expanding the transparency of work done on personal mobile devices.

Trends from 2020 will continue in 2021, with 75% of professionals worldwide saying they intend to reevaluate their relationship with the office after the pandemic ends. For details of the challenges ahead and advice for protecting your business in 2021, see the full report. For ease of use, it is divided into sections with forecasts and recommendations for CEOs, CIOs/CISOs, SOC team leads, and IT security managers.

Full report