Solutions Review’s Expert Insights Series is a collection of contributed articles written by industry experts in enterprise software categories. Stuart Wells of Jumio examines the uncertainty in the current threat landscape, and how automation is the missing link to surviving it.
With a recession looming ahead, how will my job be impacted? Workers across the nation have been pondering this question for months, and security leaders are no exception. Countless companies have been slashing their budgets to keep a steady profit, and this trend is expected to continue in 2023. In fact, 99 percent of business leaders anticipate budget cuts, and 61 percent predict cuts to hiring or retaining talent this year due to recession-related concerns.
On the other hand, cyber-crime has climbed to egregiously high numbers in the past couple of years and is only continuing to escalate. The FBI’s Internet Crime Complaint Center received nearly 850,000 complaints relating to cyber-attacks and malicious cyber activity, with nearly $7 billion in losses in 2021, with most targeting small businesses that likely don’t have the funds for robust cybersecurity programs. Similarly, the Identity Theft Resource Center reports that identity crime regarding government benefits, social media, and other scams grew to an all-time high in 2021. Due to this surge in cyber activity, experts say that cybersecurity programs will most likely withstand a recession, particularly as cyber and information security have been a top priority for CIOs since 2020. Yet, many security leaders are still feeling immense pressure to maximize value, deliver to their board and keep the security program afloat amid the sharp rise in cyber-attacks. To top it off, their security teams are overworked and understaffed due to budget cuts and the ever-growing cyber skills gap.
In an unprecedented threat landscape, a highly vigilant and prepared security team is an absolute necessity to ensure no suspicious activity slips through the cracks. However, improvements won’t be made if security teams are still relying on manual processes and disparate point tools to address security challenges. As such, the key to building a recession-proof cybersecurity program will lie in the hands of automation.
Automation: The Missing Link
Disparate Tools Are Causing Distress (And Added Expenses)
While a general increase in sophisticated, AI-driven attacks could certainly be reason enough for the surge in successful exploits, the reality is that many security teams simply don’t have the bandwidth to keep up with the dynamic threat landscape. In fact, 56 percent of cybersecurity workers report their job becomes more demanding every year. Unfortunately, with many still conducting manual and repetitive tasks in their daily workload, this comes as no surprise.
Consider identity verification, for instance, where teams often use countless solutions to verify identity, examine identification and supporting documents, authenticate them after every visit, and more. The number of steps and tools involved in these manual security processes become incredibly costly, complex, and time-consuming. According to IBM, teams without security AI and automation take 74 days longer to discover and contain a data breach, and they spend $3.05 million more per data breach compared to those with robust automated strategies. During a potential recession, this is a lot of time and money that security teams and their companies simply cannot afford to lose.
Manual Processes Are Risky and Error-Prone
Although there are clearly security issues involved with relying on numerous vendors, there could also be regulatory consequences if teams make even the slightest mistake. With data privacy regulations enforced across the globe, such as the General Data Protection Regulation (GDPR) and California Privacy Rights Act (CPRA), organizations that fall victim to a data breach could face millions, or even billions of dollars, in penalties. Strictly regulated industries also have their own requirements and regulations to follow. Businesses operating in financial services for example are enforced by law to identify suspicious users and disclose any illegal activity, like money laundering, to regulatory agencies. Because manual processes can be tedious, errors are bound to happen, making companies not only more vulnerable to fraud and non-compliance issues but also losing their customers’ trust and tarnishing their brand reputation.
The Time to Automate is Now
In the midst of an unstable economy and threat environment, it’s critical for security teams to readjust their strategies by consolidating vendors and automating tasks wherever they can. For instance, in the case of identity verification, teams can replace their long list of manual tasks with a single, comprehensive automated platform that can evaluate a user’s level of risk, devices they are associated with, their facial biometrics, and IDs they have previously used, with minimal human intervention needed. Such advanced, unified cybersecurity platforms not only streamline processes and mitigate system vulnerabilities, they also save businesses money that would otherwise be spent focusing on manual tasks — or paying the consequences of a security mishap.
The idea of a recession might seem daunting, particularly for understaffed businesses struggling to keep up with escalating cyber-crime and customer demands. However, by replacing manual and repetitive tasks with automation, organizations can save dollars, while also giving their employees more time back to focus on priority items. Many companies are quickly jumping on the consolidation trend as well. According to Gartner, 75 percent of businesses reported they were consolidating security vendors in 2022, a 46 percent increase from 2020. We can expect more companies to follow suit as they work to minimize inconsistencies and increase efficiency this year.
- Automation: The Missing Link to Recession-Proof Cybersecurity - April 21, 2023