Pandemic Budget Priorities: More Network Security Means Less Spending Elsewhere

Enterprise Networking Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Remote working exploded into the consciousness of every networking professional back in March, as huge numbers of staff began working from home almost overnight. For some organizations, that meant vastly more remote workers than normal, but for others it was the first time that anyone had been allowed to work from home for any significant length of time.

That’s had a huge impact on security spending as IT departments have rushed to secure these remote workers. What’s more, this COVID-19-related spending is unlikely to abate anytime soon. That’s because security is ultimately an exercise in risk management, and spending has to be prioritized so as to bring the big risks associated with home working down to acceptable levels. According to management consultancy McKinsey, home workers’ security will remain a priority at least until the end of the year and perhaps well into the first half of 2020.

IT budgets shift toward network security – as revenue falls

That money will likely be spent on security basics like rolling out multi-factor authentication to provide strong network and application authentication for remote workers, as well as increasing VPN capacity.

But here’s the problem. Most companies’ revenues and profits have taken a hit – often a severe one – thanks to the pandemic, and that means that budgets are under pressure. When that happens, the security budget is often the first to be cut. “Like other segments of IT, we expect security will be negatively impacted by the COVID-19 crisis,” says Lawrence Pingree, managing vice president at Gartner.

If security budgets are cut, and spending on securing home workers continues, then there’s only one possible outcome: spending on other security-related activities is going to have to be cut.

The obvious areas which look like tempting candidates for budget cutting include governance and compliance, although doing so could lead to all kinds of trouble in the future. Perhaps more tempting areas to cut include advanced long term security projects around security orchestration, automation and response (SOAR) systems, behavioral analytics, and AI-assisted detection systems. And according to Gartner, spending on more familiar networking security equipment including firewall equipment and intrusion detection and prevention systems (IDPS) will be most severely impacted by spending cuts this year.

And therein lies the bigger problem. The pandemic has led to spending on securing remote workers being prioritized, because that’s where the biggest risk is. But let’s not forget that the old security risks haven’t gone away. Hackers are attracted to wherever the biggest opportunities are, and once remote workers are no longer the easy targets that they may have been for the past few months, the hackers will circle back to corporate networks.

That means IT departments need bigger budgets, not smaller ones, if they are to continue to prioritize pandemic-related spending while controlling all the other security risks at manageable levels.

Of course COVID-19 might disappear overnight – as if by magic – and this security problem will disappear. But reality suggests that securing an adequate network security budget should be a priority for every CIO and CISO. 

Paul Rubens
Paul Rubens
Paul Rubens is a technology journalist specializing in enterprise networking, security, storage, and virtualization. He has worked for international publications including The Financial Times, BBC, and The Economist, and is now based near Oxford, U.K. When not writing about technology Paul can usually be found playing or restoring pinball machines.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles

Follow Us On Social Media

Explore More