February 18, 2020

Customer Perspective: Budget Allocation and Security Fears for 2020

Faraz Aladin,

In today’s breach-a-day environment, it’s no longer a matter of “if” a security event will happen, it’s a matter of “when.” To thwart possible attacks, organizations continue to invest heavily in cybersecurity solutions and are making bets on new tools as they enter the market. According to Cybersecurity Ventures, “by 2020, we expect IT analysts covering cybersecurity will be predicting five-year spending forecasts (to 2025) at well over $1 trillion.” But does this investment actually provide peace of mind or will attackers continue to be one step ahead of the organizations they seek to infiltrate?


To better understand investment strategies and concerns, we asked thought leaders at some of the top global enterprises to weigh in on budget allocation for the coming year, and the looming threats that still keep them up at night.


What new line items have you added to your cloud/infrastructure/security budget in 2020?

Cyber Security Architect at a Top 5 Law Firm

This year, we’re allocating budget towards two specific initiatives: threat detection and threat deception. While we still take an outside-in approach to security, we have now adopted an ‘assume breach’ mindset and are focused on the components of Zero Trust to determine our strategy for minimizing the impact of a breach. We’re laser-focused on defending our critical data and applications, so a clear understanding of what “normal” looks like will help us to detect anomalous behavior more quickly. Additionally, we’re also focused on user behavior analytics (UBA) and application access and usage.

Chief Security Architect at a top SaaS company

As we move further into the public cloud, we’re continuing to expand our current budget with tools like Illumio, while adding new, innovative solutions to our stack. We’re investing in EDR solutions that will beat out legacy, signature-based anti-virus protection solutions and we’re in the process of implementing hash-based analysis tools and host- and network-based intrusion detection solutions, as well as a big SIEM SOC space.

Christopher Roden, Cloud Services Network Architect, Ultimate Software

The new technologies we are looking into this year are related to capacity and expansion, continued migration to public clouds for some of our DR environments, and expanding our inspection capabilities based on application processes. We just went through a greenfield deployment for a new data center build, so we’re looking to mature that infrastructure and operationalize services that have worked well in past data centers into this new environment.

From a security perspective, what keeps you up at night?

Cyber Security Architect at a Top 5 Law Firm

Nothing! I sleep like a baby. To be frank, nothing would surprise me at this point, but that doesn’t stop me from worrying about the time to detection and ensuring that we minimize that time as much as possible. We’re also focused on growing our team of professionally curious individuals who will further our mission to strengthen threat detection.

Chief Security Architect at a top SaaS company

Our company is responsible for a broad set of customer data. We’re dealing with very sensitive information and we have contractual and regulatory obligations to maintain the confidentiality of those customers. As we know, a data breach can have a lasting reputational and economic impact on an organization, so ensuring proper security is of the utmost importance to us. That said, we’re focused on designing for security as a first order of business. We’ve implemented all of the basic principles for how to design a healthy system, including least privilege, separation of duties, default deny, keep it simple open design, controls that people will follow, and so forth. Secondly, we implement the entire set of controls that are necessary to secure data. Not just partial implementation, but the full set of controls. This includes access management, network segmentation, patching and vulnerability management, etc. Even with all these tools (and others) in place, we may still experience a breach. As we know, attackers are becoming more sophisticated and working just as fast as security teams, so it’s a constant game of whack-a-mole.

Christopher Roden, Cloud Services Network Architect, Ultimate Software

A compromise (no matter how big or small) is always a concern. Especially from the outside-in. Application-level vulnerabilities are top of mind, but our DevOps and Security teams are working closely together to minimize the possibility of a security incident.



Topics: cybersecurity

Share this post: