Mike Vizard recently reviewed a multi-national Microsoft study that examined how COVID-19 has accelerated digital transformation and influenced IT spending. Earlier this year, Dimensional Research also fielded a survey, commissioned by Barracuda, that examined the same topic in the United States. The results of these studies reveal some interesting results.
Although our survey topics overlapped, Microsoft, and Barracuda research targeted different groups. Microsoft surveyed “800 business leaders of companies of more than 500 employees in India (IN), Germany (DE), the United Kingdom (UK) and the United States (US),” while Barracuda surveyed 500 IT decisionmakers across several industries at companies with no more than 5,000 employees.
Changes in technology
Microsoft CEO Satya Nadella famously said that the pandemic caused “two years’ worth of digital transformation in two months,” and our survey results seem to support this claim.
76% of our respondents said they had made technology investments to help their companies respond to COVID-19. Of these,
- 41% purchased or made plans to purchase additional IT tools
- 35% accelerated digital transformation activities or timelines
- 34% increased investment in cloud infrastructure (AWS, Azure, etc.)
- 34% adopted cloud applications (SaaS applications, Office 365, etc.)
The Microsoft survey was more specific about the IT tools, breaking out the top five cybersecurity investments across all regions. The U.S. investment results are ranked as follows:
- Endpoint device protections
- Multi-factor authentication (MFA)
- Anti-phishing tools
- VPN technology
- End-user security education
Barracuda and Microsoft have been independently warning the public about the spike in COVID-19 themed phishing attacks since early this year. The spending trends align with our threat intelligence on this.
Barracuda’s research showed that the largest companies were most likely to invest in cloud infrastructure, while the smallest were the least likely to go all-in on the cloud.
Companies with 1,000 to 5,000 employees showed the greatest investments in cloud infrastructure (44%), accelerated digital transformation (42%), and adoption of cloud applications (36%). A full 45% of this enterprise group also purchased or planned to purchase additional IT tools, which makes tools the greatest area of interest for both our smallest and largest companies. As you can see, spending at the enterprise level is similar across all areas, with only a nine-point spread between the largest and smallest investment areas.
The second group represents mid-size enterprises that have between 100 to 1,000 employees. This group also showed tightly clustered spending priorities, with only 10 points between the largest and smallest investment areas. Unlike the other two groups, mid-size enterprises invested most heavily in cloud applications, at a rate of 36%. This is followed by additional IT tools (34%), cloud infrastructure (33%), and digital transformation acceleration (26%).
Only 20% of our respondents are small businesses with fewer than 100 employees. A full 50% of these companies either purchased or planned to purchase additional IT tools, which is by far the largest spending area for companies that size. Only 19% of those companies increased investments in cloud infrastructure, although 28% had adopted cloud applications like Office 365, and 37% accelerated their digital transformation plans.
We cannot compare the Microsoft respondents directly to any single group in our survey, but their results are still interesting here. The majority of the U.S. respondents increased their cybersecurity budgets by up to 25% and added security expertise through hiring or outsourcing to a third party. A total of 81% of respondents worldwide felt pressured to reduce security costs while simultaneously increasing their security investments. Roughly 40% of them are prioritizing investments in cloud security to help mitigate these costs, and 26% are investing specifically in anti-phishing tools. Mike’s blog post has more details and a breakdown of these priorities.
Post-pandemic cybersecurity efforts
IT decision-makers have mixed feelings on the long-term impacts of these COVID-19 investments. A full 41% of our respondents said these changes would make cybersecurity efforts easier when things get back to ‘normal,’ while 33% said the changes will make security efforts more difficult. At the same time, 26% said these changes will not make a difference.
It’s encouraging that most respondents believe they have improved their cybersecurity position during the pandemic, but that’s only 8% more than the number of decisionmakers who think that the pandemic made things worse. Why are they feeling this way?
These results may have been influenced by any number of things that happened when business-as-usual was initially disrupted, as well as future scenarios that many companies just can’t predict right now.
The results of our survey suggest that companies have not yet solved their pandemic-related challenges. When you look at all of the information gathered in this research, it appears that many companies are using this time to reimagine their businesses as digital enterprises.