For all the infosec hurdles to overcome, we can build a bright future if the enterprise can pull together. We often talk about the enormous challenges facing IT departments around the world. The consumerization of IT, driven by the BYOD trend and coupled with mobility, has given birth to a wide range of serious security threats. As the enterprise increasingly relies on the cloud to provide software, infrastructure, and platforms as services, safeguarding valuable company data is an entirely different prospect than it was even just a decade ago.But for all the hurdles to overcome, there is mounting evidence that businesses no longer have their heads buried in the sand — or stuck in the cloud! There’s a growing realization that cybersecurity requires budgetary commitment, sincere collaboration, and a solid stratagem. If the enterprise can pull together, with government backing and the right expertise, we can build a bright future that’s secure from cybercriminals.Money, money, moneyWe’re not going to solve the problem by throwing money at it, but it certainly helps, and it’s also indicative of a deeper understanding of the underlying threats and potential costs of a data breach. The Ponemon Institute found the average cost of a data breach in 2014 was $3.5 million, a 15% increase from 2013. The enterprise is starting to realize that it’s an awful lot cheaper to provide a proper budget for security now than it is to pay through the nose later.Companies are growing more aware of threats, and this is leading to a greater allocation of resources. Gartner estimated that worldwide information security spending rose 7.9% last year, reaching a total of $71 billion, and it’s set to grow another 8.2% this year to hit $77 billion. According to the 2015 Piper Jaffray CIO Survey, security is the top spending priority for CIOs in 2015, just as it was in 2014. An impressive 75% of respondents expect to increase security spending this year, and that comes on top of an average 2% growth in annual IT budgets.Government backingThe U.S. Government is also weighing in. President Obama identified cybersecurity as a priority in his budget and asked for $14 billion to boost defenses for 2016. That’s an increase of $1.5 billion compared to this year, and it includes funds for a Civilian Cyber Campus intended to bring agencies together to focus on cybersecurity issues. That spirit of collaboration extends to the private sector.The White House summary stated, “Cyber threats targeting the private sector, critical infrastructure and the federal government demonstrate that no sector, network or system is immune to infiltration by those seeking to steal commercial or government secrets and property or perpetrate malicious and disruptive activity.”With greater pooling of resources and sharing of knowledge, threat identification and neutralization will become easier and more efficient. There’s strength in numbers. Proper planning and education You need resources to build security, but budgets must also be allocated wisely. When we looked at what the military can teach us about cybersecurity, we identified the need for proper planning and a system to enforce policy rules. Buying an expensive piece of security software or employing consultants to provide a snapshot of your security health is not going to be enough. You need an ongoing plan and expertise.Thankfully, more and more knowledge is starting to filter through into the private sector, as experts from the military, the FBI, the NSA, and the Department of Homeland Security move into business and share their insight and best practices.More businesses are starting to understand the value in educating their own workforces on security. Establishing programs to ensure that staff are aware of vulnerabilities and the potential for cyberattacks is important. Companies can leverage much greater value from existing security systems and polices by teaching staff good habits, and it’s also important that they understand the potential impact of a breach.Rowing together Looking beyond cybercriminals to the threat of nation-sponsored attacks, it makes sense for all of us to pull together. If the government and the private sector truly collaborate, we will see a decline in the threat level. The first stage was to recognize the level of the problem, and the scale of recent breaches has opened a lot of eyes. Now it’s time to work with each other to build ourselves a secure future. In tech we trust!The opinions expressed in this Blog are those of Michelle Drolet and do not necessarily represent those of the IDG Communications, Inc., its parent, subsidiary or affiliated companies. Related content opinion Diversity in cybersecurity: Barriers and opportunities for women and minorities Increasing the numbers of women and minorities in cybersecurity isn't just good for the individuals involved, it's good for the practice of security. Here's a look at what's holding them back and what can be done about it. By Michelle Drolet Dec 23, 2021 5 mins Diversity and Inclusion Hiring Security opinion 6 steps for third-party cyber risk management If you have third-party partners, you need a third-party cyber risk management program. Here are six key steps to follow. By Michelle Drolet Sep 30, 2021 4 mins Risk Management Security Practices Security opinion 5 open source intrusion detection systems for SMBs If you don’t have a lot of budget at your disposal, these open-source intrusion detection tools are worth a look. By Michelle Drolet Nov 13, 2020 5 mins Intrusion Detection Software Security feature 6 steps to building a strong breach response plan Cybersecurity resilience depends on having a detailed, thorough, and tested breach response plan in place. Here's how to get started. By Michelle Drolet Oct 07, 2020 5 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe