Why security should be on every IT department's end-of-year agenda

As we approach the new year, shoring up your organization's security strategy is essential. Here's why
1 reader likes this.
CIO_Security_computers_database

As we approach the last month of Q4, all eyes are set on planning for 2023.

From budget to headcount to the product roadmap, there are a variety of subjects on every organization’s agenda. For IT teams, these agendas get more specified and granular, as they are responsible for the tools and investments that will keep the infrastructure running and secure for the next year.

With that in mind, what should be on your IT department’s agenda between now and the end of the year? What is important and time-sensitive enough to ideate on in the next month?

In short, the answer is security. There are various reasons that security should be on every IT department’s end-of-year IT agenda. Read on for the top three.

1. Remote work is here to stay

According to building security provider Kastle, the percentage of employees swiping into their office buildings as of September 2022 is just 54 percent of pre-pandemic levels. This is the highest average percentage since the onset of the COVID-19 pandemic. However, the numbers are growing slowly, and according to many experts, they will never reach pre-pandemic levels again.

[ Also read IT security: 3 areas to prioritize for the rest of 2022. ]

Remote work is here to stay. At least 40 percent of employees who work from home at least one day a week claim they would quit if their employer mandated a full-time return to the office. As we approach the end of the year and the start of 2023, employers will have to continue to weigh the pros and cons of office space and remote work. Remote work will undoubtedly remain the norm for many employees, some of whom will take advantage of a “nomadic” lifestyle while maintaining full-time work.

It is critical for IT teams to account for these developments by making the proper strategic security investments. By doing so, organizations can keep employees secure and productive, protect the security of their overall organization, and ensure a positive employee experience and uncompromised online access.

Examining employee distribution and understanding the ebb and flow of your workforce will enable you to better serve your employees with security solutions and tools that aren’t overly complicated and meet their needs.

2. Cyberattacks are getting more expensive

Worldwide, the average cost of a security attack during the first half of 2022 was $4.35M. In the US, that number was more than double – a whopping average of $9.44M. This number is even higher in certain industries; the average cost of a data breach in the healthcare sector, for example, is over $10M.

The end of the year is a good time to discuss whether it is the right time to embark on an AI/automation digital transformation journey.

Security attacks are getting more expensive and becoming more detrimental to everyday businesses, keeping organizations offline longer, affecting more devices, and taking more days on average to identify and address. By doing a health check on your current investments and surveying other available options, you can decide which tools are best for your organization and align with your 2023 goals.

Artificial intelligence (AI) and automation are at the top of many security budget lists, and the end of the year is a good time to discuss whether it is the right time to embark on those digital transformation journeys. You may want to weigh the pros and cons of shifting from a preventative approach to a more resilient one. These discussions can ensure that your organization is knowledgeable, prepared, and attuned to impending security attacks.

3. Hiring and talent freezes

For many IT teams, hiring is fraught with inconsistency. This makes the end-of-year agenda extremely important for IT teams and their hiring counterparts. Deciding which employees will be promoted, what new positions can be created, and backfilling employees who have moved on to new roles is a puzzle for both IT department leads and hiring managers.

For many organizations, the end of the year means focusing on organizing this turnover ahead of the new year. From reclaiming devices of past employees to redistributing unused licenses to save funds, there are multiple staffing-related tasks to complete before year-end.

With this in mind, IT teams must discuss their hiring needs for the new year and what roles they ideally would like to fill by the end of the current year. Many people leave their jobs toward the end of the year, so there will soon be more open positions than usual for cybersecurity employees.

Make sure your team is clear and organized on your hiring strategy: If you’re hiring, align on priorities and more emergent vacancies. If your organization has frozen hiring, take this as an opportunity to test automation capabilities for certain tasks and align on the usefulness of your current solutions to ease the burden on your current team.

Any new year brings uncertainties and elements that IT teams are unable to plan for. However, there’s no better time to take stock of your security investments, evaluate your current team members and their needs, and ultimately examine what has changed over the past year. Security planning will minimize unknowns and help you start the new year with a solid plan.

[ Leading CIOs are reimagining the nature of work while strengthening organizational resilience. Learn 4 key digital transformation leadership priorities in a new report from Harvard Business Review Analytic Services. ]

matt_meanchoff_absolute
As Absolute’s Chief Customer Officer, Matt Meanchoff is responsible for leading Absolute’s customer delivery and service functions – including Customer Success, Professional Services, Investigations, Risk Management, and Technical Support.