theDocumentId => 1341081 Cost Savings, Better Security Drive Adoption of ...

Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/20/2021
03:00 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Cost Savings, Better Security Drive Adoption of Emerging Technologies

However, senior technology managers express concerns about whether their current infrastructure can properly safeguard them.

Nearly 60% of senior technology managers said they would adopt emerging technologies, such as artificial intelligence (AI), blockchain, cloud, edge and quantum computing, Internet of Things (IoT), and robotics, for improved cybersecurity.

The new research from ISACA also shows 73% or respondents cited anticipated cost savings as a driver for adopting these emerging technologies.

Related Content:

Intel Doubles Down on Emerging Technologies for Sharing and Using Data Securely

Special Report: Assessing Cybersecurity Risk in Today's Enterprises

New From The Edge: How to Get Employees to Care About Security

ISACA's "The Pulse: Emerging Technology 2021" report focuses on 13 emerging technologies. Some 53% of respondents said they run cloud-enabled technologies, while the other categories trailed far behind. For example, 22% deploy AI, 21%, deploy IoT, and 20% deploy robotics.

Cost savings will loom large in the C-suite for some time, especially as it pertains to stockholders, says Dustin Brewer, ISACA’s senior director of emerging technologies and innovation. While he sees cybersecurity shifting to become a bigger part of enterprises' budget, it will fall on security teams to convince board members that spending on cyber is the right thing to do.

“We have to bring every employee, every endpoint on the network into the conversation on how cyber will save money because if we don’t have to pay a $4 million ransom to an entity that put ransomware on our computers, then that saves us $4 million,” Brewer says.

 

ET_survey_fig_charts_06.jpg

Source: "The Pulse: Emerging Technology 2021" report, ISACA

ISACA's study also found 82% of respondents are at least somewhat concerned about the ability of their current infrastructure to safeguard emerging technologies. In regard to AI and machine learning (ML) systems, 46% said they are only somewhat confident in their enterprises' ability to assess the security of these systems, 28% said they are extremely or very confident, and 26% said they are not confident. When asked about security concerns related to quantum computing, 68% said quantum computing will likely break encryption standards within the next five to seven years.

Survey respondents sent somewhat of a mixed message about deploying emerging technologies: While the vast majority said they would do so because it would improve cybersecurity, 44% also said cybersecurity risk would contribute to their overall resistance to deploying the new technology. In addition, 72% said they are concerned that emerging technologies would cost too much.

Much of this comes back to the need for security pros to convince the board to focus more on cyber, Brewer says. But he points out that all the technologies covered in the study, with the exception of quantum computing, are all classical computing technologies built on the same systems the industry has used since the 1970s.

“When the Internet was created, it wasn’t built with security in mind. It was built for communications and data sharing,” Brewer says. "Every time we build something new, we are building on an insecure infrastructure. And while we are creating new protocols like HTTPS, every time you plug in a new system, your network gets bigger, and that’s one thing you have to secure. So if you introduce AI and machine learning, that adds more complexity and cyber-risk.”

Frank Dickson, program vice president with IDC’s cybersecurity products research practice, notes that whether new devices make a network vulnerable just depends on the technology and the company’s environment. In some environments, he says, emerging technologies may replace devices with old and antiquated operating systems that are incredibly vulnerable. Emerging technologies today are built with much greater attention to the cyber integrity of the device, he says. In contrast, some technologies may skip steps to capture first-mover advantages in the market, not slowing to consider security.

“Realistically, whether we are concerned or not, emerging technologies will happen,” Dickson said. “Some 50% of IT spend is now made by line-of-business buyers in the name of digital transformation. Get on the train or get run over by the train; digital transformation does not mind. Emerging technologies will happen though.”

Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32686
PUBLISHED: 2021-07-23
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and ...
CVE-2021-32783
PUBLISHED: 2021-07-23
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy rem...
CVE-2021-3169
PUBLISHED: 2021-07-23
An issue in Jumpserver 2.6.2 and below allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
CVE-2020-20741
PUBLISHED: 2021-07-23
Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if t...
CVE-2021-25808
PUBLISHED: 2021-07-23
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.