Cybercriminals aren't cutting their budgets, nor should you

Nick Emanuel, Senior Director of Product, Webroot, explores how businesses can get the most out of their cybersecurity budgets amid the pandemic

This is a contributed article by Nick Emanuel, Senior Director of Product, Webroot, an OpenText company


As the COVID-19 pandemic continues, so does our dependency on digital technology and remote work tools, with collaboration confined to video calls and chat applications.

The increased dependency on digital has broadened the surface for cyberattacks, with reported attacks having risen 33% in the first 100 days of lockdown alone. It's no surprise that cybercriminals have targeted companies during this time, with the increased flexibility afforded to employees through remote work leaving them exposed to greater security risks through a larger attack surface.

Amidst this rising security threat, many organisations have been forced to cut costs across their business due to financial pressures from the pandemic. With some predicting that global IT spending is set to fall by up to 7% as a result of COVID-19, it's clearly tempting for business leaders to look towards cybersecurity to meet cost cutting targets.

However, with cybercriminal activity continuing to rise, it's clear that security is one area that businesses simply cannot afford to shave.

With costs being squeezed, here are four areas where businesses can get the most out of their cybersecurity budgets amid these uncertain times:


  1. Embrace automation tools

Looking to automation should be a priority for technology leaders. Put simply, it will help to decrease costs and increase margin.

For example, machine learning (ML) and artificial intelligence (AI) tools can aid cybersecurity by using statistical methods to analyse data collected by an organisation's security team and produce models that automatically assess the risk of files, websites or applications that employees are using. That score can then be used as part of a policy within a security product to automatically block or stop anything that scores below a certain threshold.

These tools can take a huge burden off human threat analyst teams, who simply can't keep up with all the threats launched on their organisation every day. Automating some of the menial tasks reduces the cycle time to detect and remediate threats and frees up human capacity for dealing with more advanced tasks.

We've even seen evidence of cybercriminals using AI to fine-tune threats such as phishing emails to look more like the real thing. They are innovating, and organisations must keep up by using equally powerful technology.


  2. Create a comprehensive employee education programme

A vital part of an organisation's defence is employee education, which should be the bedrock of a cyber resilience strategy.

There's no use investing in sophisticated cybersecurity software and services if employees click on dangerous phishing links which provide cybercriminals access to a network. That's like turning on a fancy home security alarm, but leaving a window open - you'll be playing catch-up after the bad guys get in.

A comprehensive and consistent education programme will improve employee vigilance and help to defend endpoints. Such programmes should focus on frequency and method of delivery. For example, short sessions in five to ten-minute modules, also known as 'microlearning', improve information retention and fit into employees' busy workdays.

In a world where employees crave career growth and development opportunities, microlearning provides a solution that suits time-poor schedules and will ultimately keep sensitive data safe, reduce stress and improve job satisfaction.

Training should also be accompanied by guidelines on etiquette and best practice for passwords and system policies to ensure defences are effective.


  3. Ensure insurance is in place

Data breaches can have significant consequences for all organisations, especially small and mid-sized businesses (SMBs). Research by IBM shows that data breaches for organisations sized between 500 and 1,000 people cost the company an average of $2.65 million.

For larger enterprises, it can be even more costly and is often accompanied by reputational damage as a result of negative news coverage, resulting in a loss of trust from customers, partners and prospects.

Normally, organisations would hedge against such astronomical threats and cybersecurity should be no different. A recent report by the UK government found that companies who have cyber insurance coverage get benefits beyond simply being able to recover lost earnings, profits or data. In three-fifths of cases, cyber insurance policies were found to also cover at least one of the following: incident response, reputation management or forensic analysis.

Purchasing insurance can also have softer benefits. For example, it can drive focus on security compliance within the executive suite, not least because many policy providers require pre-purchase questionnaires before coverage and will almost always conduct thorough post-incident analysis prior to payout or claim settlement.

For Managed Service Providers offering cyber insurance for clients, attainment and maintenance of insurance-based requirements in their business will drive meaningful security conversations.


  4. Invest wisely in cyber resilience

The economics here are clear. Cybercriminals are not cutting their budgets and are using any opportunity to pounce on vulnerabilities amid fear and uncertainty, so organisations need to ensure they are investing adequately in their cyber resilience in order to protect themselves.

There are two essential elements to any organisation's cyber resilience plan: data security and data protection.

Data security entails endpoint security, as well as DNS filtering and security training for protection at the network and user levels.

Data protection entails automated, encrypted backup and recovery for endpoints and servers to defend against ransomware, hardware failure, and device loss or theft.

Together, these elements of cyber resilience reduce the likelihood of any one cyber setback being catastrophic for a business or its clients.


Now is the time for businesses of all sizes to ringfence their security budgets. Amid the unprecedented shift from a physical office to work from anywhere, businesses should look at physical cost reductions, not digital, to drive cyber resilience during these challenging times.

After all, the cost of protection pales in comparison to the cost implications of a data breach.

Nick Emanuel is Senior Director of Product at Webroot. Emanuel joined Webroot in August 2015 and is responsible for Webroot's Business Platform and Services Portfolio. He has been a PM for over 14 years, and held PM positions in Symantec and MessageLabs, as well as a Development Leadership role managing, building and operating (at the time) the largest BEA/Oracle portal installation in Europe.