Skip to main content

A Global Exploration of IT Security Budget Trends

Chief Information Security Officers (CISOs) have updated their IT security plans for 2017, due to ongoing concerns about new threats. Worldwide, IT organizations currently spend an average of 5.6 percent of their IT budget on IT security, according to the latest market study by Gartner.

However, the study uncovered that security spending can range from 1 to 13 percent of an organization's overall IT budget.

"Clients want to know if what they are spending on information security is equivalent to others in their industry, geography and size of business in order to evaluate whether they are practicing due diligence in security and related programs," said Rob McMillan, research director at Gartner.

That said, Gartner analysts believe that comparisons with industry averages are of limited value. CISOs could be spending at the same level as the peer group, yet be spending on the wrong things and are therefore vulnerable.

IT Security Market Development

According to the Gartner assessment, vendors could benefit, because the majority of organizations will continue to use average IT security spending figures as a proxy for assessing their security posture through 2020.

Without the context of business requirements, risk tolerance and satisfaction levels, the metric of IT security spending, by itself, doesn't provide valid comparative information that should be used to allocate resources.

Moreover, IT spending statistics alone do not measure IT effectiveness. They're not a gauge of successful IT organizations. They simply provide a view of average costs, without regard to complexity or demand.

Any statistics on explicit security spending are inherently soft, because they understate the true magnitude of enterprise investments in IT security -- since security features are being incorporated into hardware, software, activities or initiatives not specifically dedicated to security.

That's why many organizations do not know their real security budget. It's partly because few cost accounting systems break out security as a separate line item, and many security-relevant processes are carried out by staff who are not devoted full-time to security.

Gartner also believes that, in most instances, the CISO does not have insight into security spending throughout the enterprise.  Moreover, the very secure organizations can spend less than average on security as a percentage of their IT budget.

The lowest-spending 20 percent are composed of two distinctly different types of organizations. Un-secure organizations that under-spend, and secure organizations that have implemented best practices for IT security that reduce the overall complexity of their IT infrastructure by limiting security vulnerabilities.

Outlook for IT Security Spending Trends

According to Gartner, organizations should be spending between 4 and 7 percent of their IT budgets on IT security -- lower in the range if they have mature systems, higher if they are wide open and at risk. This represents the budget under the control and responsibility of the CISO, and not the "real" or total budget.

To demonstrate due care in information security, organizations must also assess their risks and understand both the CISO's security budget and the "real" security budget found in the complicated range of accounts that may not capture all security spending.

"A CISO who has knowledge of all of the security functions taking place within the organization as well as those that are necessary but missing and the way in which those functions are funded, is likely to use indirectly funded functions to greater advantage," McMillan concluded.

Popular posts from this blog

Digital Transformation Investment at $3.4 Trillion

Business technology leadership matters. Across the globe, more leaders have been pursuing bold Digital Transformation (DX) initiatives with the goal of creating new sources of business value through digital products, services, and experiences. As an additional benefit, the COVID-19 pandemic revealed that digital transformation efforts improve an organization's resilience against global market disruptions. Global DX investment is forecast to reach $3.4 trillion in 2026 with a five-year compound annual growth rate (CAGR) of 16.3 percent, according to the latest worldwide market study by International Data Corporation (IDC). Digital Transformation Market Development "Despite strong headwinds from global supply chain constraints, soaring inflation, political uncertainty, and an impending recession, investment in digital transformation is expected to remain robust," said Craig Simpson, senior research manager at IDC . The benefits of investing in DX technology -- including aut

Artificial Intelligence for National Border Security

National border protection agencies are under pressure to provide the highest level of security in the face of growing threats, such as increasing illegal migration and international terrorism. Now, government agencies are embracing advanced border security technologies to aid in effectively and reliably securing national borders. These solutions look to detect and identify potential threats and prevent them from escalating to a point that may jeopardize security. Security Surveillance Market Development Traditional border security patrols and Closed-circuit Television (CCTV) surveillance systems aren't adequate protection, and agencies must increasingly deploy new solutions to stay ahead of criminals and other potential threats to ensure the safety of a country’s borders. According to the latest market study by Juniper Research, the value of the border security technology market will exceed $70 billion globally in 2027 -- that's rising from $48 billion in 2022. Growing by 47 p

How to Apply Sustainability to Drive Value Creation

Global climate change policy initiatives have been an emerging topic for CEOs and their leadership teams, as they look to the future. Many organizations are preparing to play their part and help reduce carbon emissions. Eighty-seven percent of business leaders expect to increase their organization’s investment in sustainability over the next two years, according to the latest worldwide market study by Gartner. Customers are the stakeholder group creating pressure for these organizations to invest or act on sustainability issues -- selected by 80 percent of executives, followed by investors (60 percent) and regulators (55 percent). Sustainability Market Development "Sustainability enables businesses to cope with disruption," said Kristin Moyer, VP analyst at Gartner . "Economic uncertainty, geopolitical conflict and escalating materials and energy costs are forcing businesses to reexamine all forms of expenditure." According to Gartner, this focus on essentialism --