Mid-tier companies are battling a “black hole” of time, security expertise and budget to procure, implement and manage a dizzying array of security products.
According to the Network Security Study from 451 Research, sponsored by OPAQ Networks, 82% of respondents indicated they spend a whopping 20 to 60 hours of in-house staff resources a week to do just that. Despite the well-documented challenges associated with finding and retaining security professionals, the study revealed that nearly three-quarters of the respondents dedicate between three and five full-time employees just to manage their security. More than 60% cited legacy IT as the greatest barrier to improving visibility and control within their networks, followed by lack of budget at 27%.
The financial hit to mid-tier businesses is an average of $178,000 annually, which represents 39% of an organization’s total IT security budget.
“The security challenge for mid-tier businesses is multi-dimensional. For these businesses, everything seems to be increasing—attack frequency, compliance requirements, complexity, costs and the number of security products that need to be managed,” said Daniel Cummins, analyst at 451 Research.
According to the study, the financial burden will continue to increase, and signs point to network security as a significant business priority. Network security spending will grow nearly twice as fast as overall IT security spending over the next five years, projecting a compound annual growth rate (CAGR) of 8.9%, from $2.4 billion in 2016 to $3.5 billion in 2021. About 40% of respondents project their spending on network security will increase between 10 to 20% in the next 12 months.
Nearly 40% of respondents indicated that they use part-time employees, contractors and managed security service providers (MSSPs) manage their security workload. And, 87% of respondents said their timing for migrating to a cloud-based network security delivery model was within a 12-month time frame. The top cloud-based security use cases cited were threat management and branch office enablement and optimization, followed by multiprotocol label switching (MPLS) displacement, MSSP displacement, on-demand security and securing software-as-a-service applications.