Skip to main content

A Global Exploration of IT Security Budget Trends

Chief Information Security Officers (CISOs) have updated their IT security plans for 2017, due to ongoing concerns about new threats. Worldwide, IT organizations currently spend an average of 5.6 percent of their IT budget on IT security, according to the latest market study by Gartner.

However, the study uncovered that security spending can range from 1 to 13 percent of an organization's overall IT budget.

"Clients want to know if what they are spending on information security is equivalent to others in their industry, geography and size of business in order to evaluate whether they are practicing due diligence in security and related programs," said Rob McMillan, research director at Gartner.

That said, Gartner analysts believe that comparisons with industry averages are of limited value. CISOs could be spending at the same level as the peer group, yet be spending on the wrong things and are therefore vulnerable.

IT Security Market Development

According to the Gartner assessment, vendors could benefit, because the majority of organizations will continue to use average IT security spending figures as a proxy for assessing their security posture through 2020.

Without the context of business requirements, risk tolerance and satisfaction levels, the metric of IT security spending, by itself, doesn't provide valid comparative information that should be used to allocate resources.

Moreover, IT spending statistics alone do not measure IT effectiveness. They're not a gauge of successful IT organizations. They simply provide a view of average costs, without regard to complexity or demand.

Any statistics on explicit security spending are inherently soft, because they understate the true magnitude of enterprise investments in IT security -- since security features are being incorporated into hardware, software, activities or initiatives not specifically dedicated to security.

That's why many organizations do not know their real security budget. It's partly because few cost accounting systems break out security as a separate line item, and many security-relevant processes are carried out by staff who are not devoted full-time to security.

Gartner also believes that, in most instances, the CISO does not have insight into security spending throughout the enterprise.  Moreover, the very secure organizations can spend less than average on security as a percentage of their IT budget.

The lowest-spending 20 percent are composed of two distinctly different types of organizations. Un-secure organizations that under-spend, and secure organizations that have implemented best practices for IT security that reduce the overall complexity of their IT infrastructure by limiting security vulnerabilities.

Outlook for IT Security Spending Trends

According to Gartner, organizations should be spending between 4 and 7 percent of their IT budgets on IT security -- lower in the range if they have mature systems, higher if they are wide open and at risk. This represents the budget under the control and responsibility of the CISO, and not the "real" or total budget.

To demonstrate due care in information security, organizations must also assess their risks and understand both the CISO's security budget and the "real" security budget found in the complicated range of accounts that may not capture all security spending.

"A CISO who has knowledge of all of the security functions taking place within the organization as well as those that are necessary but missing and the way in which those functions are funded, is likely to use indirectly funded functions to greater advantage," McMillan concluded.

Popular posts from this blog

Digital Transformation Spending Reaches $1.8 Trillion

Ongoing investment in business technology will remain on track, despite concerns about the global economic outlook which continues to evolve in 2022. Enterprise CIOs and CTOs are focused on operational profitability and digital business growth goals that are enabled by strategic IT initiatives. Global spending on the Digital Transformation (DX) of business practices, products, and organizations is forecast to reach $1.8 trillion in 2022 -- that's an increase of 17.6 percent over 2021, according to the latest market study by International Data Corporation (IDC). Many anticipated DX investments will sustain this pace of growth throughout the 2021-2025 forecast period, with a five-year compound annual growth rate (CAGR) of 16.6 percent. Digital Transformation Global Market Development "IDC expects to see aggressive DX technology investment growth in 2022 following a minor slowdown during the pandemic period," said Craig Simpson, senior research manager at IDC . "As orga

Why Cloud-Native is The Future of IT Spending

The leading organizations that create a digital transformation plan will gain the most from their use of public cloud computing. However, some CIO and CTO leaders still struggle with how to build a modern cloud migration strategy. The worldwide cloud computing Infrastructure as a Service (IaaS) market grew 41.4 percent in 2021, to a total of $90.9 billion -- that's up from $64.3 billion in 2020, according to the latest market study by Gartner. "The IaaS market continues to grow unabated as cloud-native becomes the primary architecture for modern workloads," said Sid Nag, vice president and analyst at Gartner . Cloud IaaS Market Development Cloud supports the scalability and composability that advanced technologies and applications require, while also enabling enterprise leaders to address emerging needs such as sovereignty, data integration, and enhanced customer experience. In 2021, the top five IaaS providers accounted for over 80 percent of the market. Amazon AWS conti

Private 5G Networks and Enterprise Wi-Fi Converge

The global enterprise wireless networking market is evolving. Driven by a desire to take advantage of the available 6 GHz communications spectrum, with greatly improved broadband throughput and latency rates, more organizations may choose to adopt Wi-Fi 6E technologies. According to the latest worldwide market study by ABI Research, shipments of Wi-Fi 6E access points and routers will rise from 1.5 million units in 2022 to 5.2 million units by 2024. Wireless spectrum expansion is just one facet of the commercial wireless network market transition, as the technology of Wi-Fi customer premise equipment will be upgraded once again with Wi-Fi 7 (IEEE 802.11be standard) devices. Enterprise Wireless Network Market Development "The adoption of Wi-Fi 7 access points will accelerate following the protocols standardization in 2024, and just two years later, most 6 GHz enabled access point shipments will be supporting Wi-Fi 7," said Andrew Spivey, industry analyst at ABI Research . Anot