Network, IAM, and cloud are the top 3 cybersecurity spending priorities for 2023

Attackers are so relentless in innovating new breach techniques that cyber defenses deployed in 2022 have already weakened, with even more serious attacks arriving in 2024. Most cybersecurity leaders (71%) say that their organizations have experienced three or more security incidents in the last year alone.

Ransomware breach attempts dropped by 30% last year as attackers turned to new attack strategies that are proving more profitable and less detectable. As attackers outgrow the current generation of security platforms, total attack activity continues to grow, even as budgets grow even in an uncertain economic climate.

The Scale Venture Partners (SVP) Cybersecurity Perspectives 2023 report provides insights into the many challenges facing CISOs. These include the growing sophistication of attacks, talent shortages, geopolitical tensions, and overworked security teams. The report found that CISOs are doubling down on network, IAM, and cloud security to better protect themselves against identity-based attacks.

CISOs fight identity theft

Organizations’ growing reliance on more cloud services creates a tempting breach target for attackers, who use pretexts and social engineering to steal privileged login credentials. The SVP survey found that 50% of security leaders say their cloud service accounts have been attacked in the last year. This is consistent with the CrowdStrikes 2023 Global Threat Report.

CrowdStrike found that exploiting gaps in cloud infrastructure very often credential, identity and data theft grew 95% in 2022, with cases involving cloud-aware threat actors tripling year-over-year. Attackers are trying to modify authentication processes to attack identities.

One particularly popular tactic has been the abuse of compromised credentials acquired through information thieves or bought from the criminal underground, reflecting a growing interest in targeting identities that we also saw last year: our 2022 report found that 80 percent of cyberattacks leveraged identity-based techniques, writes CrowdStrike cofounder and CEO George Kurtz.

Identities are under siege and CISOs are prioritizing their spending in response. Getting identity and access management (IAM) under control is a challenging issue, especially when an organization relies on multiple cloud services, said Ariel Tseitlin, partner at SVP, in a recent interview with VentureBeat. The number of companies compromised by phishing attacks that stole employee credentials via cloud services increased by 58%.

Identity is where security is going because there’s much richer data there, Tseitlin told VentureBeat. IAM jumped from eighth to second place in this year’s investment priority rankings, reflecting growing market concerns about identity security in multicloud technology stacks. Network security and cloud infrastructure security remain from last years survey, joining IAM as the top three cybersecurity spending priorities of enterprises in 2023. (Top IAM providers include AWS Identity and Access Management, CrowdStrike, Delinea, Ericom, ForgeRock, Google Cloud Identity, IBM Cloud Identity, Microsoft Azure Active Directory, Palo Alto Networks and Zscaler.)

Corporate cybersecurity budgets with an average increase of 20%.

Large enterprises see an average 20% increase in security budgets, while midsize companies only see an average 5% increase. The SVP Survey of Security Leaders also found that security budgets for emerging technologies increased 18% this year, down 27% from 2022. This is consistent with what many other surveys are seeing, including including the Ivantis State of Security Preparedness 2023 report, which found that 71% of CISOs and security professionals expect their budgets to increase by an average of 11% this year, well above the expected inflation rate.

Data, application, cloud, and endpoint security are receiving, on average, 10% of companies’ total cybersecurity budgets this year. Compared to last year, budgets for endpoint security, identity management, and security awareness training are seeing the largest increases.

Artificial intelligence (AI) and machine learning (ML) security and software supply chain security were included in this year’s survey for the first time, accounting for 6% and 5% of respondents respectively budget.

A sure sign that boards see cybersecurity spending as an investment that helps control risk is the increase in the per-employee security budget to $3,653 this year, up 20 percent compared to $3,033 per employee last year.

Resilient cybersecurity budgets reflected in rapidly growing revenue forecasts

Organizations are reluctant to cut cybersecurity budgets for fear of falling too far behind as attackers use new technologies, including AI/ML, to launch attacks while weaponizing old vulnerabilities. However, SVP notes that CISOs are preparing for more control of their spending decisions and longer decision-making times.

Over the past three years, cybersecurity budgets have been among the most resilient in organizations of all sizes. The aggregate effects of continued spending and what Gartner is hearing from its enterprise clients on planned purchases led the analyst firm to forecast that end-user spending in the information security and risk management market will grow to $188.1 billion this year and will reach $288.5 billion in 2027. That’s a compound annual growth rate (CAGR) of 11.0% from 2022 to 2027.

The latest forecasts from Gartner [client access required]from select markets for enterprise information security and risk management, include the following, further reflecting how a resilient budget is driving market growth:

• Application security it is expected to grow from $5.7 billion in revenue this year to $9.6 billion in 2027, reaching a CAGR of 13.6%.
• Cloud security it is expected to grow from $5.6 billion in revenue this year to $12.8 billion in 2023, reaching a CAGR of 22.8%.
• Data security it is projected to grow from $3.6 billion in 2023 to $6.1 billion in 2027, reaching a CAGR of 13.6%.
• Identity access management it is expected to grow from $16.1 billion in 2023 to $24.8 billion in 2027, reaching a CAGR of 11.4%.

Companies are looking to AI/ML to fill the talent gap

Security leaders who responded to the PVC survey said finding and hiring cloud security experts is the most challenging role to fill. More than half of organizations (57%) said that the biggest obstacle to achieving their desired security position was understaffed security personnel, up 42% from last year. Security teams face, among other things, too many alerts, too many false positives, and too many tools.

AI/ML tools are helping security managers close the talent gap and grow their short-staffed teams. Four out of five security leaders (79%) believe that AI/ML will be important or extremely important to improving their security posture by 2024. More than 60% of cybersecurity leaders rely on cybersecurity tools with AI/ML-powered capabilities to further compensate for talent shortcomings. And 62% of security managers use AI/ML-powered tools to automate security processes.

Meanwhile, CISOs tell VentureBeat they are experimenting with generative AI-powered platforms with ChatGPT capabilities to reduce SecOps workloads. Ten use cases emerge from the first pilots that show the potential to offload SecOps team workloads.

Whoever owns a corporate identity, owns the company

The SVP study reflects how critical it is for every organization to take control of the IAM and have a robust strategy in place to harden every vulnerable threat surface. Identities are the most vulnerable security perimeter in existence.

Attackers know that there are loopholes in cloud configurations, and by stealing privileged login credentials they can, in effect, take over an entire enterprise before anyone notices. That’s why IAM is critical to doing well and why it’s seeing rapid growth. CISOs and CIOs continue to work together to close cloud configuration gaps and strengthen network security.

And it all has to start with the primary target of identity attackers today.