ETR Insights presents an interview with the CISO and Vice President of IT Infrastructure for a large industrial manufacturing enterprise, which is navigating a tightening IT budget, layoffs, and potential cutbacks on hardware maintenance contracts and software licenses. Facing increased risks from nation-state cyberattacks, they’ve shifted budget allocation to prioritize security at the expense of delaying or canceling other IT projects. Read on to learn how this executive addresses “endless” vulnerability assessment, asset management, and generative AI's potential impact on IT security.
Economic Overview
This company’s IT budget had been flat for the previous two years but was recently revised lower, leading to layoffs and a critical assessment of their existing technology infrastructure. The mandated audit covered hardware, software, and services, with a focus on identifying areas for cost reduction without significantly impacting operations. “We had to trim some of the bells and whistles that we put in place a few years ago when things were better.” In particular, they are evaluating hardware maintenance contracts and software licenses. “With software, it all depends. Is it a subscription service? You're kind of locked into it if it's a subscription. If it's perpetual licensing that you have from a prior year, do you need to have support for upgrades?”
Enterprise Trends Commentary
International Conflict + Cyberattacks. The risk from nation-state actors has led to prioritizing its security budget, resulting in a reallocation of resources. “Other projects have been canceled, whether that's new business applications or new engineering tools. Some projects have been canceled, and some projects have been delayed so that we can continue to focus on security.” In particular, any projects tied to Department of Defense compliance remain a priority.
Security Trends. Our guest is uncertain as to the specific impacts of generative AI on security in the coming year, but is convinced that user awareness will be key. “We've been dealing with phishing for several years, and business email compromises, we've been hit with that several times. Having your employee base well-trained, aware, and knowing what to look for will go a long way as far as securing the environment.” They are also actively monitoring employees for potential internal security breaches, where “people are doing malicious work, maybe trying to steal intellectual property, take it to another company, or sell it.” The company conducts mandatory annual cybersecurity awareness programs and monthly phishing campaigns via the SANS Institute to sharpen employee vigilance. “The phishing attacks are getting ridiculous. They're going after cell phones, using texting now, and even through voice, calling people. We're just trying to educate everyone as best we can.”
The company presently uses Digital Guardian for endpoint data loss prevention security, though they plan to transition to CrowdStrike when the budget allows. Vulnerability assessment and management are persistent challenges; our guest favors Rapid7. “I could use another 20 people on my team just to keep up with everything. It's a losing battle, trying to keep everything updated and secure.” They ultimately plan to transition all endpoints to Microsoft Intune. “We just implemented Microsoft Intune for our mobile device management, and we're probably going to put all of our endpoints into that environment and probably start using that for software distribution and patch management.” However, this project, too, is on hold pending budget audits and revisions
ETR Data: January 2024 Technology Spending Intentions Survey (TSIS) data tracks the anticipated spending trajectory for the full calendar year of 2024 based on thousands of IT decision-maker responses. The chart above shows that Microsoft remains dominantly positioned in the security realm, with CrowdStrike also enjoying an elevated level of spending intent. While Splunk (and Rapid7) are seeing their spending growth deteriorate, Cisco remains very stable. Although IBM has a low level of spend growth on an absolute basis, the increase from prior year levels is very positive.
Standout Vendors. Our guest is generally neutral on Cisco’s acquisition of Splunk. “You're seeing more and more consolidation. Cisco is a trusted company, and I think it's fine.” While their organization predominantly uses IBM's QRadar system for SIEM, some Splunk is embedded within operations as a result of past acquisitions. They appreciate Splunk’s capabilities, but it never became a priority due to budget. That said, depending on how Cisco integrates Splunk, our guest imagines they might end up adopting it more broadly, much as they have Cisco’s Duo for multi-factor authentication and Umbrella for DNS filtering. They already use Cisco hardware for all of their switches and routers, which has led to expanded use of their security products and services.
ETR Data: Immediately following Cisco's announced acquisition of Splunk, the ETR team launched a flash survey querying customers of BOTH vendors to determine their initial reaction and the implications of the deal. In this data visualization, we see that the early response skewed favorably, with the most positive aspect being 66% of customers seeing a positive or very positive impact on Cisco’s products and strategy.
More broadly speaking, our guest favors “best-of-breed” technology, like CrowdStrike and Splunk, though notes vendors need to be regularly revisited. “What's ‘best-of-breed’ today may not necessarily be the best in 24 months or 36 months. Stick with the best products that you can possibly afford. If you have an unlimited budget, you want to put the best products in place, and you want to staff up.” That said, they would welcome any industry consolidation in the sector that would reduce cost—though they hope to avoid dominance by a single entity. “The price of some of these companies is outrageous. Take VMware for example; that acquisition price was ridiculous, but I do like the consolidation. However, I still want there to be several major players, because I don't want to see them monopolize like Microsoft has done. I like having a choice.”
Anticipated 2024 Industry Trends. While generative AI is a hot topic, our guest’s firm has opted for a conservative approach, limiting internal access to tools like ChatGPT. “We're never first to jump on new technologies at my company. We let other folks work out the bugs and the issues, and then we'll kind of come on board a little later.” Companies continue to reduce their physical footprint following COVID-19, an ongoing downsizing of physical offices and sites. “Trying to move more equipment or more applications out to the cloud, shutting down server rooms, and reducing facilities-type spend, so just more and more cloud computing where it makes sense.”
Cloud Adoption. Contrary to popular belief among executives and board members, moving to cloud computing does not necessarily mean a reduced need for an on-premise IT team or the elimination of IT roles. One is essentially simply relocating data and resources. “You're just taking stuff out of your building and putting it in another building.” Additionally, acquisition-focused companies may have difficulty migrating disparate legacy applications to the cloud. “You can't get Software-as-a-Service for some of this legacy stuff. There is still going to be an on-premise environment for a lot of people, for a lot of years.” Additionally, this executive states that the public cloud can be very expensive, especially for government-compliant levels of service as provided by AWS and Microsoft Azure. Lastly, a comment ETR hears from many industrial/manufacturing-based organizations arose again: a private cloud offers significant CAPEX accounting benefits.
If you would like to see the full interview summary or replay, check out the ETR Insights library, and while you're there, peruse hundreds more ITDM interviews and panels. You can also gain access to the entire research platform, including the industry's leading technology spending data, analysis, and ITDM commentary, with your own free trial.
Enterprise Technology Research (ETR) is a technology market research firm that leverages proprietary data from our targeted IT decision maker (ITDM) community to provide actionable insights about spending intentions and industry trends. Since 2010, we have worked diligently at achieving one goal: eliminating the need for opinions in enterprise research, which are often formed from incomplete, biased, and statistically insignificant data. Our community of ITDMs represents $1+ trillion in annual IT spend and is positioned to provide best-in-class customer/evaluator perspectives. ETR’s proprietary data and insights from this community empower institutional investors, technology companies, and ITDMs to navigate the complex enterprise technology landscape amid an expanding marketplace. Discover what ETR can do for you at www.etr.ai