Security / December 10, 2020

The Impact of COVID-19 on Enterprise IT Security Teams: A Talk with CyberEdge’s Steve Piper

Gigamon recently sponsored “The Impact of COVID-19 on Enterprise IT Security Teams,” a detailed report based on a survey by CyberEdge. This report is based on over 600 survey responses from IT security professionals working at mid-sized to large enterprises employing 1,000 people or more in late 2020.

Report Summary and Key Findings

The report’s headline is that 2020 saw a 5 percent increase in enterprise security spending due to COVID-19 and work-from-home (WFH) issues. This trend is expected to continue in 2021, with 63.5 percent of survey respondents expecting security spending to increase by around 7 percent. Driving this increased spending are four key factors.

1. Work from Home/Distributed Working Is the New Normal

At the enterprise level, 50 percent of the global workforce now works from home, a 114 percent rise compared to pre-COVID-19 numbers. What’s more, the majority of the workforce wants to stay working from home at least on a part-time basis. Key takeaways:

  • Work from home is here to stay and will evolve into distributed working, with workers moving between home and traditional office workplaces
  • Enterprises have maintained productivity during WFH and this, combined with office and travel savings and the preference of 81 percent workers to WFH, means that supporting distributed workers is now a priority
  • This translates to a need to ensure workers have access to the same apps, performance and security regardless of where they are working
  • Acquiring and maintaining visibility into the apps that distributed workers are using and their user experience is critical in ensuring the long-term success of WFH and the distributed working initiatives

2. Security Threats Are on the Rise

Thirty-seven percent of survey respondents have seen an increase in the number and severity of security threats as a result of COVID-19, WFH and workers using their own devices on enterprise networks (BYOD or Bring Your Own Device). Key takeaways:

  • Threats now exist on more devices than ever before, whether these are non-enterprise-issued phones or laptops, unsecured home networks or IoT devices on those networks
  • Effective security is based on complete visibility into these devices and their behavior, including what apps and websites they use and any suspicious behavior they exhibit

3. There Is Growing Pressure on InfoSec and SecOps Teams

Fifty-three percent of enterprises are short of skilled IT security professionals, but in spite of this, 36 percent of all enterprises either froze or reduced security headcount as a result of COVID-19. Key takeaways:

  • Enterprises were already short of trained security professionals before COVID-19, and the increased threats arising from WFH and criminals and state-sponsored actors seeking to exploit the situation have made the problem significantly worse
  • This situation has been exacerbated by headcount freezes, layoffs and moves to unfamiliar cloud-based solutions
  • In addition to better training, enterprises need to automate mundane tasks (for example, investigation of SIEM false positives) and to use AI and machine learning to identify patterns that may indicate suspicious behavior or an impending attack

4. The Cloud Is the Security Platform of Choice

Seventy-five percent of respondents said they preferred cloud-based security solutions, mostly because of limited access to data centers. This is particularly true in distributed enterprises — for example, manufacturing, utilities, telecom and retail. Key takeaways:

  • The need to deploy new security solutions quickly, along with limited access to data centers, has driven security teams to rely on cloud-based solutions to secure the enterprise
  • COVID-19 has significantly accelerated the adoption of SaaS-based apps and placed a burden on enterprise IT to securely integrate these apps with on-premises and virtual data sources and applications
  • This accelerated migration has increased security risks, as many on-premises tools do not provide visibility — and therefore security — across cloud environments.

All four of these trends will have a major impact on enterprise IT and security professionals in 2021 and beyond.


People are talking about this in the Gigamon Community’s Security group.

Share your thoughts today

Back to top