Skip to content

Scale Cybersecurity Report Heralds Industry Growth in 2021

Scale Venture Partners, a global venture capital firm based in Silicon Valley, released last week a study entitled “Cybersecurity Perspectives 2021: The Pandemic, SolarWinds, and the Security Leader State of Mind.” Key findings in the Scale cybersecurity report include the positive value of a direct relationship between a CEO and a chief security officer, the impact of SolarWinds on software supply chain security spending, how remote work has multiplied certain risks, and how increasing data privacy requirements will require further investment.

This is the latest in an annual series of reports where Scale surveys 300 security leaders in the United States. This year’s survey was conducted in March 2021.

Put the C into CISO

Scale’s report emphasizes making the enterprise cybersecurity officer a direct report to the CEO. Scale finds a small, but significant increase in risk management capabilities for those cybersecurity chiefs who report to the CEO. As stated in the Scale cybersecurity report,

Having a seat at the table also appears to affect confidence in the ability to manage risk. Ninety-four percent of respondents who report to the CEO said they are equipped to handle cybersecurity risks, compared with 86% who do not report to the CEO. In addition, 94% of all respondents said that, compared to 12 months ago, the C-suite better understands the business impact of security. It is likely that the twin challenges of SolarWinds and COVID-19 have markedly raised the C-suite’s awareness of the value of security.

Cybersecurity Perspectives 2021: The Pandemic, SolarWinds, and the Security Leader State of Mind

Zero in on Supply Chain Concerns

In what may be good news for everyone, Scale reports that devops teams are increasingly making projects more secure through the use of security personnel. As stated in the Scale cybersecurity report,

When asked how they have changed security processes over the past 12 months, 57% said they have increased integration with other teams, like IT and software development.

Cybersecurity Perspectives 2021: The Pandemic, SolarWinds, and the Security Leader State of Mind

As the trend to subsume cybersecurity into tooling continues, system integrators and product buyers should expect devops tool vendors’ security focus to skyrocket.

SolarWinds Impacts CEO Perceptions

Another finding is a shift in the perception of cybersecurity’s value from the CEO perspective. As stated in the Scale cybersecurity report,

SolarWinds also sharpened respondents’ focus on security risks created by third-party vendors whose products play critical roles in business operations. Thirty-six percent said that they expected third-party risks to rise over the next 12 months; 47% of respondents said third-party risks are a top factor affecting the C-suite’s understanding of the business impact of security, behind data breaches (57%) and remote work (54%).

Cybersecurity Perspectives 2021: The Pandemic, SolarWinds, and the Security Leader State of Mind

The report goes on to describe further results that emphasize how IT leaders are ready to respond to the cyberwar by hiring more staff, spending money on software and services, while at the same time making forward-looking investments into new architectures and solutions.

Read the Scale Cybersecurity Report

Scale’s annual report certainly has an investor perspective and calls out the opportunity for cybersecurity companies to service a growing global market. Despite this skew on perception, IT and cybersecurity leaders should reference the report for important trends not reported here.

For Salesforce devops vendors, architects, practitioners, and industry watchers this report heralds further new market entrants, cybersecurity enhancements from existing vendors, more investor moves, and further mergers and acquisitions of devops and cybersecurity companies.

Vernon Keenan’s Cybersecurity Posts

My focus on cybersecurity extends to educating users, developers, architects and IT leaders about the risks of attack and strategies for defense.