Why big-budget cybersecurity doesn’t mean safe systems

As globe-straddlers buy security specialists outright, smaller enterprises struggle with budgets – but does spending big equate to better cybersecurity?
15 April 2020

A move to remote working is seeing new threats emerge. Source: Shutterstock

  • Accenture made its third cybersecurity purchase this year with Revolutionary Security
  • The buyout brings to light the significance of cybersecurity today 
  • With SMEs feeling the squeeze, is spending big on cybersecurity solutions the best course of action? 

Last week, professional services giant Accenture made its third big cybersecurity purchase this year, showing just how significant a challenge keeping apace with security is today, and how the ability to manage it has become a differentiator for companies. 

Accenture Security’s global head, Kelly Bissell said the purchase of Revolutionary Security, made for an undisclosed fee, was “another demonstration of our continued commitment to invest in areas to keep our clients safe from cyber threats.”

The acquired firm provides security for critical infrastructure segments, including financial services – it offers risk assessments and runs simulations to help enterprises locate gaps in an enterprise’s security systems.

It will have been pushed over the line in the wake of the pandemic that’s led a vast swathe of businesses to move to remote working operations. For Accenture, with bottomless pockets, and its partners who themselves are far from small-fry, the buy-out contrasts starkly with many smaller firms who are faced by the same threats, amplified in uncertain times, but without the lined coffers to onboard new cybersecurity solutions.

Based on research by Statista, the global cybersecurity market is set to grow from US$167.1 billion in 2019 to US$248.26 billion by 2023. With cybersecurity a top priority for every organization, the estimates could potentially climb as businesses adapt to a new working environment. 

On the other hand, constrained budgets combined with the added uncertainty and volatility of the markets makes it even more challenging for SMEs to invest in cybersecurity systems.

This is reflected in a report by the Cyber Readiness Institute (CRI) that showed close to half (40 percent) of small business owners are unable to make necessary cybersecurity investments due to the unstable economy state.

As is all discussions cybersecurity, though, whatever you spend on cybersecurity – whether you’re a professional services globe-straddler buying a specialist outright, or a small businesses with hardly enough to buy antivirus software – most of the time, any kind of breach can be traced back to a human misstep.

High investments tied to cybersecurity tools do not guarantee organizations protection from all threats. IDC research found a majority (70 percent) of successful breaches originated at endpoints, even though increased spending is injected in this threat area.

So, while a handful of businesses may be able to spend big on cybersecurity solutions, investment in training and policy should come first – ensuring staff ‘think before they click’ is probably the best place for organizations with limited resources to focus their security efforts.