As the global economy sours and every aspect of corporate spending is scrutinized, many security and risk (S&R) leaders are working with tighter budgets than they have in recent years. Yet they continue to face cybersecurity challenges that grow more sophisticated each day. S&R leaders must ensure they get the most value from the technologies they choose to deploy across the spectrum—from the desktop to the datacenter and into the cloud.
To help CSOs and CROs navigate their way through budgeting exercises, Forrester issued its Planning Guide 2023: Security & Risk report, available online for a limited time. The data-driven report provides insights and recommendations to S&R leaders looking to get the most bang for their constrained bucks when it comes to applying comprehensive security controls and mitigating risks to their organizations.
Setting the stage for the 2023 recommendations is a benchmark spending report, Forrester’s Security Survey, issued in 2021. This report outlines organization’s budgetary allocations for various aspects of security spend, including components such as cloud security, staffing, on-premise security technologies, and more.
Among the noteworthy points from the 2021 budgeting report is guidance pertaining to cloud security spending, which the survey says ranges, on average, from 15% to 17% of the allocated security budget.
Firms are reaching a new scale of cloud usage—particularly in the US. Forrester’s 2021 data shows that, on average, infrastructure decision-makers at US enterprises have migrated 45% of their total application portfolio to a public cloud. They anticipate 58% will have moved in the next two years. Security teams are spending a notable amount on cloud security, but given the percentage of workloads migrating to the cloud, they need to spend far more.
More specifically, where cloud workload security (CWS), container security, and serverless security are concerned, Forrester recommends increasing investment in this key cybersecurity function, writing:
To secure cloud deployments, security teams must use several specialized solutions. CWS technologies, which includes cloud workload protection and cloud security posture management, are crucial to secure the compute, storage, and network configurations of cloud workloads in IaaS and PaaS environments. Meanwhile, security pros contending with uncontrolled access to running containers and other container security challenges will have to stitch together a complete solution themselves, as the market is immature and many vendors, such as host OS providers, secure only part of the overall container ecosystem. Finally, as developers embrace serverless functions, security pros will need to investigate serverless security lest they end up repeating their experiences in container security.
The report further laments:
Business and its IT counterparts are modernizing with cloud and aggressively pursuingpursing cloud-first strategies, but security investment in the specialized solutions for cloud workloads and cloud-native technologies hasn’t followed suit.
In addition to advocating for increased spending on cloud security – and in particular for spending on cloud workload security – the Forrester report encourages S&R leaders to experiment with better solutions for threat insight, detection, and response—even in an economic downturn. Among those technologies are extended detection and response (XDR) and managed detection and response (MDR).
XDR tools provide behavioral detections across security tooling to deliver high-efficiency alerts, additional context within alerts, and the ability to detect, investigate, and respond from a single platform. Most current XDR platforms prioritize endpoints for visibility, detection, and response, and augment endpoint telemetry with other data sources such as NGFW, identity, and more, depending on the vendor. MDR service providers offer more mature detection and response outcomes than XDR products and can help augment security teams struggling to find or retain talent.
It’s no surprise that Forrester chose to elevate XDR as an important security platform worthy of continued investment in times of a challenging economy. XDR’s value comes from consolidating multiple security products into a cohesive, unified security incident detection and response platform.
XDR is the evolution of endpoint detection and response (EDR) platforms into a primary incident response tool spanning all the modern attack surfaces, from desktop to cloud infrastructure and workloads. Today’s XDR platforms can provide rich, meaningful connected insights that are more powerful than alerts from niche security tools and can optimize response with advanced context. In particular, XDR can provide enhanced security of the cloud and its workloads, which Forrester identified as an area in need of increased investment.
Take a tour and learn for yourself why Uptycs XDR is a worthy future-proof investment to keep you on budget while simultaneously mitigating the threats coming at you every day.