Skip to main content

Remote Working Demand Disrupts IT Security Norms

Enterprise IT Security investment in critical infrastructure has been consistent over the last 12 months, regardless of huge disruptions from the global Covid-19 pandemic. The resulting effect has been mostly in increased demand for secure 'remote working' connectivity.

Cybersecurity spending announced by governments has not really changed significantly, with most maintaining similar funding planned in previous years, and an average year-on-year growth rate between 5 percent and 10 percent.

According to the latest worldwide market study by ABI Research, cybersecurity spending for critical infrastructure (CI) will increase by $9 billion over the next year to reach $105.99 billion in 2021.

IT Critical Infrastructure Market Development

The primary challenge of the Covid-19 pandemic has been for CI operators to ensure that systems and services keep running smoothly, despite an increasingly distributed and remote enterprise workforce.

As such, greater emphasis has been placed on ensuring that IT infrastructure operations can be securely monitored and managed remotely by authorized personnel.

"There is no denying that secure connectivity has become a key focus, not least with the revelations late last year of the SolarWinds Orion hack, which has brought into sharp focus the need for better vetting of services offered by third party contractors and remote update processes," said Michela Menting, research director at ABI Research.

The scale of the cyber intrusion clearly illustrates how vulnerable systems can be when they have weak links, and how easily threat actors can infiltrate and escalate privileges once access has been gained.

The implications for national security are significant, and critical infrastructure operators and governments worldwide are now re-evaluating and re-assessing the risks as they relate to remote work management.

According to the ABI analyst assessment, the brunt of security spending is still first and foremost focused on IT networks, systems, and data security from a defensive perspective. This is where the primary threats are focused, and operators are keenly aware of the potential ramifications of a breach there.

"However, increasing efforts are being placed on offensive security investments to better prepare response mechanisms, as well as securing operational technologies as operators in many sectors go through digital transformation and start evolving toward smart and connected IoT infrastructures," Menting explains.

Progress is nonetheless slow, as many sectors are bound by regulations which can make it difficult to change quickly. In addition, new security processes require time for testing and validation before being greenlit for use, ensuring they don’t compromise the integrity or proper functioning of existing processes.

While security spending is significant in defense, financial services, and Information & Communication Technologies (ICTs), it still lags in the more industrial sectors such as energy, water, and waste management, as the risks related to physical threats are significant.

Some initial traction is nonetheless driving transport, public security, and healthcare -- all in line with digital transformation efforts in those industries, and notably from smart city developments.

Outlook for New IT Security Applications Growth

"By and large, security spending in critical infrastructures is wide and varied, and diverges significantly among regions due to policy and regulation but is overall embracing cybersecurity much more holistically as connectivity and digitization continue to play increasing roles in everyday operations," Menting concludes.

That said, I believe that more CIOs and CTOs are seeking comprehensive solutions that improve operational resilience, while also removing some of the complexity from managing a legacy multi-vendor IT security environment.

As working from home gained momentum, IT organizations -- and the employees that they support -- experienced some of the inherent limitations of traditional VPN services. That's why chief information security officers (CISOs) have been tasked with the goal to attain a solution that adapts to the evolving demands for secure 'anywhere' access to on-premises and cloud-based SaaS applications.

Popular posts from this blog

Rise of Software-Defined LEO Satellites

From my vantage point, few areas are evolving as rapidly and with such profound implications as the space sector. For decades, satellites were essentially fixed hardware – powerful, expensive, but ultimately immutable once launched. That paradigm is undergoing a transition driven by Software-Defined Satellites (SDS). A recent market study by ABI Research underscores this transition, painting a picture of technological advancement and a fundamental reshaping of global connectivity, security, and national interests. LEO SDS Market Development The core concept behind SDS is deceptively simple yet revolutionary: decouple the satellite's capabilities from its physical hardware. Instead of launching a satellite designed for a single, fixed purpose (like broadcasting specific frequencies to a specific region), SDS allows operators to modify, upgrade, and reconfigure a satellite's functions after it's in orbit, primarily through software updates. The ABI Research report highlights ...