79 percent of European companies are already achieving savings by switching to cloud security. 54 percent of companies are currently implementing network and security transformations or are planning to do so in the next twelve months / Major disagreement over the best approach.
Almost four in five European companies have already made savings by using cloud security solutions by replacing old security applications and reducing bandwidth requirements. This is one of the results of a study carried out by SASE specialist Netskope. The savings come from replacing hardware and appliances, including VPNs (25%), reducing bandwidth requirements (23%), and consolidating vendors (21%). In particular, replacing expensive firewalls (with Firewall-as-a-Service / FWaaS) has resulted in savings for 21 percent of IT teams.
Firewall-as-a-Service save a lot of budget
The aim of the study was to determine the strategies, expectations and actions of European CIOs and CISOs at a time of enormous changes in the area of security and networks. 99,5 percent of those surveyed are planning projects to transform networks and security over the next five years. More than half of the respondents (54%) have already started such projects or are planning them for the next twelve months. The main aim of the study was therefore to clarify what this means in practice for teams, budgets and suppliers.
Responsibility and financing: A key result of the study is the lack of clarity about who should take responsibility for important transformation projects and frameworks such as SASE and Zero Trust and pay for them.
- In every third company, the network and security teams will be merged over the next two years due to the rapidly increasing use of the cloud. For many CIOs and CISOs, “separating the teams doesn't make sense”.
- 92 percent of CIOs do not intend to consolidate network and security budgets even if the teams merge. This can lead to internal conflicts.
- 27 percent of IT managers are shifting responsibility and funding for network security to the security team in order to implement SASE and Zero Trust. However, the same number shifts the security budget in the other direction: Network and infrastructure teams receive these funds to finance a security-by-design approach.
- 28 percent of the CIOs see the responsibility for SASE with the network teams and 18 percent with the security teams, while 31 percent see it as a common task.
- Given this lack of consistency, it's not surprising that 28 percent of CIOs and CISOs expect network and security teams to continue to compete for responsibility for projects.
Skilled workers and recruiting
- 67 percent of the European IT teams report to both the CIO and the CISO. However, 27 percent of the companies surveyed do not have a CISO in their company, in Germany even 31 percent.
- A good every fourth company (28%) is expanding its security team or is anticipating that it will grow due to the use of the cloud in order to cover the expanded area of responsibility.
- 28 percent of companies that have relocated at least part of their security to the cloud have already made changes to the structure or staffing of the network team. Changes in the security teams occurred in 26 percent of the companies.
- Almost every second company (46%) already has difficulties in finding suitable candidates or expects to find them in the future.
- 38 percent of IT managers intend to look for applicants outside of the cyber skills or IT market and to train or retrain them. 30 percent plan to relocate employees from the network area, help desk and other internal teams.
“For me, two points particularly stood out from our research results. The first is the general intention of European companies to change their network and security architectures. Second, while this goal is shared by 99,5 percent of CIOs and CISOs, there is no general consensus on how best to achieve it, ”said Neil Thacker, CISO EMEA at Netskope. “Significant resources and budgets will be invested in the name of transformation over the next 24 months to deliver huge cost savings and operational improvements. This is a golden opportunity for a major architectural remodel. However, it is imperative that the results are not jeopardized by internal trench warfare, unnecessary bureaucracy, or a simple lack of cooperation between network and security teams. "
Common goals for teams
In the context of network and security transformation, cooperation is particularly important. “Executives seem to understand that their teams need to unite around common goals. In doing so, however, they have to eliminate the political divide that currently still exists in many companies between IT and security teams, ”said Thacker. “SASE can be implemented successfully by separate network and security teams as long as they work together. Nevertheless, there is a risk that the teams will be frustrated by inconsistent network and security systems that do not offer a future-proof architecture and common goals. "
About the study: The study was conducted by Censuswide on behalf of Netskope in October 2021. 700 IT specialists in Germany and Great Britain were interviewed. The participants are all CIOs, CISOs or IT directors in companies with more than 5.000 IT users.
More at Netskope.com
About netskope The SASE specialist Netskope connects users securely, quickly and directly with the Internet, every application and its infrastructure from anywhere and on every device. With a platform that combines CASB, SWG and ZTNA, the Netskope Security Cloud uses patented technology to offer the most granular context to enable access control and user awareness while simultaneously enforcing zero trust principles for data protection and threat prevention. While other providers compromise between security and network, the global Security Private Cloud from Netskope enables a complete calculation for inline traffic processing in real time directly at every service point.