With the threats posed by bad actors growing every year in sophistication and potential harm, cybersecurity is more important than ever. As a result and to reflect this urgency, NewtonX Current issued a report on the top priorities and concerns decision-makers have about cybersecurity in 2022. We surveyed CISOs, CTOs, and other senior IT decision makers to gain insight into the most pressing issues the industry faces today.
Uncovering the most valuable insights on cybersecurity meant speaking to top cybersecurity decision makers. We conducted our survey from August 3-4, 2021. To guarantee the qualifications of the professionals we surveyed, we employed our proprietary Knowledge Graph and custom recruiting method. Our methodology enabled us to nail down 103 cybersecurity professionals with the expertise required to answer the big questions.
Of the professionals we spoke to, 57% were CTOs or CIOs, 97% of which had decision-making authority over IT/IS security. Another 32% were Chief Information Security Officers (CISOs), all of whom had decision-making authority over IT/IS security. The respondents represent a diversity of companies with a range of headcounts, with nearly half our sample representing companies with 1,000 to 10,000 employees.
Covering cybersecurity in 2022 from every angle: What kind of questions did we ask?
With such a strong sample at our disposal, we wanted to make sure we covered as much ground as possible. Our questions fell into five main categories: decision-making influences, budget, vulnerabilities, cybersecurity management, and provider evaluations.
What are the biggest influence factors on cybersecurity decision-making?
One goal of our survey was to identify the biggest influences on cybersecurity buying decisions. Our work revealed how CISOs, CTOs, and CIOs prioritize information from providers and stakeholders before making final decisions. We also found that the influencing factors on cybersecurity vendor evaluation and budgets differed greatly.
Our findings give cybersecurity providers the data they need to understand how cybersecurity leaders make buying decisions. Cybersecurity providers can use our data to inform custom research that caters to the specific needs of decision-makers and buyers.
Budget: Trends and allocations of spending and staffing
Our research revealed that most cybersecurity budgets either stayed flat or increased in the last year. Our survey answered and ranked crucial information about budgets: how much organizations are spending on cybersecurity (relative to their entire IT budget), where are they allocating that spending, and how are they staffing it.
Understanding how buyers allocate their spending on cybersecurity enables vendors to plan their development accordingly.
Vulnerabilities: Who faced incidents and how they were resolved.
A majority of the cybersecurity decision makers we surveyed reported experiencing cybersecurity incidents in the past year. Many saw such incidents rise. Our questions focused on how the frequency of incidents has been changing, as well as the types of cybersecurity incidents organizations face. Additionally, we considered the types of solution companies are ready to deploy. We also asked how cybersecurity decision makers feel about laws restricting payments to ransomware attackers.
Cybersecurity management: What does your agenda look like for cybersecurity in 2022?
NewtonX found cybersecurity leaders have no shortage of top ranked challenges. To get a sense of where the market is going, it’s important for cybersecurity vendors to keep abreast of the solutions organizations haven’t yet implemented, but plan to.
Our survey covered the criteria cybersecurity leaders use to evaluate solutions and choose providers. For solutions providers, knowing what criteria matter to their buyers lets them predict what solutions are likely to succeed, and what they can do to appear more reputable.
Provider Evaluations: Who are the top providers and what are your decision making criteria?
The last subject covered in our survey was provider evaluations. We asked the professionals we surveyed who their top providers were. However, which providers our respondents ranked #1 and which criteria mattered most for decision making depended largely on the cybersecurity solution we asked them to consider.
The solutions our questions covered included MDR services, SIEM, endpoint protection and response platforms, and application security testing. For cybersecurity vendors, knowing what criteria their potential buyers use to rank solutions is essential. It lets them conduct focused competitive benchmarking to learn what their competition is doing to win key accounts.
For more high quality answers to essential cybersecurity questions, as well as more detailed analyses of the insights described here, buy the complete NewtonX Current: Cybersecurity in 2022 Business Outlook and Key Trends. The full report dives into these topics and much more, with all its data sourced from verified cybersecurity professionals.