Skip to main content

A Global Exploration of IT Security Budget Trends

Chief Information Security Officers (CISOs) have updated their IT security plans for 2017, due to ongoing concerns about new threats. Worldwide, IT organizations currently spend an average of 5.6 percent of their IT budget on IT security, according to the latest market study by Gartner.

However, the study uncovered that security spending can range from 1 to 13 percent of an organization's overall IT budget.

"Clients want to know if what they are spending on information security is equivalent to others in their industry, geography and size of business in order to evaluate whether they are practicing due diligence in security and related programs," said Rob McMillan, research director at Gartner.

That said, Gartner analysts believe that comparisons with industry averages are of limited value. CISOs could be spending at the same level as the peer group, yet be spending on the wrong things and are therefore vulnerable.

IT Security Market Development

According to the Gartner assessment, vendors could benefit, because the majority of organizations will continue to use average IT security spending figures as a proxy for assessing their security posture through 2020.

Without the context of business requirements, risk tolerance and satisfaction levels, the metric of IT security spending, by itself, doesn't provide valid comparative information that should be used to allocate resources.

Moreover, IT spending statistics alone do not measure IT effectiveness. They're not a gauge of successful IT organizations. They simply provide a view of average costs, without regard to complexity or demand.

Any statistics on explicit security spending are inherently soft, because they understate the true magnitude of enterprise investments in IT security -- since security features are being incorporated into hardware, software, activities or initiatives not specifically dedicated to security.

That's why many organizations do not know their real security budget. It's partly because few cost accounting systems break out security as a separate line item, and many security-relevant processes are carried out by staff who are not devoted full-time to security.

Gartner also believes that, in most instances, the CISO does not have insight into security spending throughout the enterprise.  Moreover, the very secure organizations can spend less than average on security as a percentage of their IT budget.

The lowest-spending 20 percent are composed of two distinctly different types of organizations. Un-secure organizations that under-spend, and secure organizations that have implemented best practices for IT security that reduce the overall complexity of their IT infrastructure by limiting security vulnerabilities.

Outlook for IT Security Spending Trends

According to Gartner, organizations should be spending between 4 and 7 percent of their IT budgets on IT security -- lower in the range if they have mature systems, higher if they are wide open and at risk. This represents the budget under the control and responsibility of the CISO, and not the "real" or total budget.

To demonstrate due care in information security, organizations must also assess their risks and understand both the CISO's security budget and the "real" security budget found in the complicated range of accounts that may not capture all security spending.

"A CISO who has knowledge of all of the security functions taking place within the organization as well as those that are necessary but missing and the way in which those functions are funded, is likely to use indirectly funded functions to greater advantage," McMillan concluded.

Popular posts from this blog

How the COVID-19 Pandemic Advanced Telehealth Adoption

The global COVID-19 pandemic has accelerated digital transformation across many industries. As an example, consider the healthcare sector. Some routine medical situations can be diagnosed and resolved online. While the trend was already in motion long before the pandemic arrived, the adoption of telehealth increased rapidly in 2020. Around the world, many governments responded to the disruption and inaccessibility of healthcare facilities by loosening previous regulations and restrictions on the practice of telemedicine apps, and teleconsultations. This decision resulted in the mass adoption of these medical services among patients and providers. According to the latest market study by Juniper Research, telemedicine will save the healthcare industry $21 billion in costs by 2025 -- that's rising from an estimated $11 billion in 2021. This increased app usage represents an anticipated growth rate of over 80 percent in the next four years. Telehealth Services Market Development The co

Worldwide Semiconductor Demand will Accelerate in 2021

The technology sector is a key driver of the U.S. economy. Therefore, components like semiconductors play an important role in America's future. The 'CHIPS for America Act' is a new law that calls for incentives on domestic semiconductor manufacturing and investments in research and development. But these renewed efforts will require years of ongoing commitment. Meanwhile, despite the impact of the COVID-19 pandemic, the semiconductor market performed well in 2020. However, new demand by industry was uneven throughout last year due to global lockdowns, remote working adoption, and shifts in consumer and commercial buying behavior. Worldwide semiconductor revenue grew to $464 billion in 2020 -- that's an increase of 10.8 percent compared to 2019, according to the latest market study by International Data Corporation (IDC). Semiconductor Technology Market Development IDC now forecasts that the semiconductor market will reach $522 billion in 2021, that's a 12.5 percent

Hyper-automation Propels Superior Business Process Redesign

When the world was disrupted by a global pandemic during 2020, many CEOs and their board of directors were consumed by reacting to immediate problems. Meanwhile, a few forwarding-thinking enterprise leaders also paused to invest in accelerating their prescient digital transformation agenda. What enables executives to envision an opportunity while others see only challenges? Strategic foresight, and a willingness to embrace the apparent changes that are transforming the legacy status quo. During this period of uncertainty, hyper-automation investment has gained new momentum. Hyperautomation is the application of advanced technologies that augment humans by helping to streamline processes in new ways that are significantly more impactful than the legacy approach. Hyperautomation Market Development The global market for technology that enables hyperautomation will reach $596.6 billion in 2022, according to the latest worldwide market study by Gartner. This is up from $481.6 billion in 202