santiago silver - Fotolia

Spending on security will increase in 2016

Customers are planning to spend more on security next year and are looking for skilled channel providers to help them improve their cyber defences

Many share the view that it would only be a fool that would decide to authorise trimming the security budget for the year ahead, given the increasing number of threats.

Expectations for next year are that at the very worst security budgets would be kept flat but many customers will increase spending to try to ensure they are able to counter the latest threats.

That view has now been given some statistics with EY indicating that more than half of UK firms are planning to spend more on security next year with a significant number expressing low confidence in their current defences.

The channel is also going to find its skills in this area are in demand as customers are also struggling to deal with issues in-house.

“As we have seen in recent months, cyber security attacks on UK organisations are becoming increasingly sophisticated and all too frequent. Our survey results show that companies are worried that their cybersecurity resources, both in terms of skills and budget, are not sufficient in this current environment and that is a dangerous threat not only to their technology, but also to their bottom line,” said Mark Brown, executive director of cyber security & resilience EY UK.

The money that customers spend is likely to be in both dealing with external and internal threats as both are seen as causing headaches for users.

"While businesses, government and individuals are focusing on the significant opportunities and benefits of the digital world, they may be overlooking the necessary precautions and underestimating the long-term risks of deceptively subtle cyber breaches. Preparation is absolutely critical, and organisations should examine their operations holistically to determine where attackers gained or are attempting to gain access to data," added Brown.

The EY research came out on a day when there was intelligence from other parts of the industry, all underlining how rapidly threats were evolving and just how many different solutions the channel could pitch to help users.

A CyberArk report, Analysing Real-World Exposure to Windows Credential Theft Attacks, highlighted the risks that Windows based workstations and servers posed and came to the conclusion that more neeeded to be done to head off those vulnerabilities.

“In a given network, there are typically a number of highly threatening machines that can give an attacker the credentials needed to completely compromise the majority of Windows hosts on the network,” said Andrey Dulkin, director of cyber innovation at CyberArk Labs.  

“We’ve seen similar credential theft methods as the basis for major attacks across a number of organisations.  Identifying these machines and securing the associated privileged credentials against theft and exploitation is a critical step in securing against advanced cyber attacks," he added.

There was also more fuel for the fire from Echoworx, which found that a quarter of UK businesses were leaving themselves open to an email breach.

The large number of users that have failed to get some sort of security protection in place was highlighted as another potential channel opportunity.

“It's certainly worrying that over a quarter of UK businesses are leaving their corporate emails totally unprotected. It highlights a very clear lack of awareness of email security and the potential implications that this could have on a business. For those companies that do have a secure email solution already in place, it’s vital that it’s transparent to the user. If security solutions are too complicated, employees will almost certainly find a less secure workaround”, said Greg Aligiannis, senior director of security at Echoworx.

The recent high profile breach at TalkTalk has also done its bit to highlight the need for firms to invest in solutions that will mitigate risks and the channel has already seen discussions about applications they could purchase increase as a result.

"The CFOs say that they have seen what happened to TalkTalk and want to know what they need to do to mitigate the risks inside their own business," said one source.

Read more on Finance and Credit