Healthcare CISOs Prioritize Cybersecurity Budgets Amid Economic Downturn

June 02, 2023 - With recent economic trends pointing toward a recession, companies are bracing for the downturn and slashing resources in anticipation of financial turmoil.  

Yet, cybersecurity budgets remain resilient. A recent survey revealed that most IT security decision-makers, including those in healthcare, have ramped up their 2023 cybersecurity spending to strengthen programs. 

Nuspire's Second Annual CISO Research Report on Challenges and Buying Trends surveyed 200 CISOs across various sectors. The results showed that 58 percent had increased their budgets in 2023, with 42 percent planning to pour more even funding into cybersecurity within the following year. 

This uptick in budget allocation speaks volumes as leaders recognize the importance of a strong landscape. 

“As we've seen in previous years, the current economic conditions have shown how resilient cybersecurity budgets are in the face of business cost reductions,” said Lewie Dunsworth, CEO of Nuspire. 

When looking at where these funds were allocated, improving current security technology, maintaining constant monitoring and quick response to threats, and overall upgrades to their security systems were top of the mind for CISOs. 

Additionally, cybersecurity professionals don’t want to rely on technology alone to address the increasing daily security risks. Instead, they want to make more strategic choices about the best use of their resources. Specifically, about one-third of these leaders prioritized investment in areas like cloud security, event management, endpoint detection, response systems, and software-defined networks. 

However, new technology purchases are still on the table; many IT security leaders are still looking to minimize their security risk through the tools.  

Rather than relying on various tools, the survey participants wanted to streamline cybersecurity processes. As one respondent noted, “We have too many security tools. This is a significant issue as we need to master numerous tools.” 

Given the significant investment in cybersecurity, it's not surprising that CISOs and IT decision-makers are experiencing increased confidence in their systems. 

The survey revealed that these cybersecurity leaders are more confident in their cybersecurity landscape. This is especially true when evaluating their security strategy alongside their peers and in the context of end-user compliance. 

“While CISOs and ITDMs have a relatively high level of confidence in their current cybersecurity programs, it’s clear that the pressures to mitigate risk are growing,” the report stated. “Leaders across departments now recognize cybersecurity’s importance to their bottom line, and that heightened interest creates increased pressures on security practitioners to deliver.” 

Even though worries have slightly eased since last year, many leaders still see their organizations as potential cyberattack targets.  Yet, this concern is far from baseless, as cyberattacks proliferated this year, infiltrating numerous organizations. 

In response to this shifting landscape, the primary concerns for CISOs and IT decision-makers have also evolved. The spotlight has moved from end users and endpoints, the main worry last year, to software applications and email/collaboration tools, highlighting the dynamic nature of cybersecurity threats.