Cybersecurity Budgets Rise But Not In Line With Threats

Uploaded on 2016-04-08 in FREE TO VIEW, NEWS-Cybersecurity News

The survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same. 

The Institute of Information Security Professionals (IISP) has announced the findings from its 2016 member survey. With over 2,500 members working in security across a wide range of industries and roles, including a significant proportion at Senior/Lead/CISO level, the results of the IISP provide an accurate snapshot of the state of the UK cyber security landscape from those working on the frontline.

The survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same. These are encouraging figures but they have to be examined alongside increasing risk and the survey also found that 60% of respondents felt that budgets were still not keeping pace with the rise in the level of threats. Only 7% reported they were rising faster than the level of threat.

“In times of financial pressure or instability as we have seen in recent years, security is often seen as a supporting function or an overhead,” said Piers Wilson, Director at IISP. “Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community. While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape.”

The survey also found that when it comes to recruitment, there is still a skills shortage but the problem doesn’t just lie in the number of people. Respondents point to a shortfall in the level of skills and experience, making staff training, development and retention crucial to the future of the industry.

The question: “As an industry are we getting better or worse at defending systems from attack and protecting data?” generated encouraging responses, with only 10% thinking that protection is declining. With growing recognition that despite every control and safeguard, a determined attacker will always be able to find a chink in the armour, the survey looked at incident response. Again, this was a fairly positive picture with an impressive 49% reporting improvement.

Overall, the results of the IISP Member survey show that there are growing challenges from more types of attack, more sources of threats, greater reliance on increasingly complex IT systems, shortage of effective security staff and a regulatory environment that is both fluid and challenging. However, the heightened awareness of security risks and the impacts of a breach are driving an increase in investment, skills, experience, education and professionalism.

“While there is clearly much more to be done, the results of the IISP Member survey are encouraging,” concludes Piers Wilson.
 
A copy of the IISP white paper on the results of the survey is available here 

IT Security: http://bit.ly/1S2q9Wz

« BYOD Security Report
Typo Thwarts Hackers In $1B Cyber Heist »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Venafi

Venafi

Venafi is a world-class cyber-security company dedicated to protecting machine identities for our hyper-connected digital economy.

Internet Security Alliance (ISA)

Internet Security Alliance (ISA)

ISA is an international trade association providing thought leadership in advancing a sustainable system of cyber security.

Secure India

Secure India

Secure India provides Forensic Solutions that help Government and Business in dealing with prevention and resolution of Cyber related threats.

Digital Defense Inc (DDI)

Digital Defense Inc (DDI)

DDI offers vulnerability scanning, penetration testing, web application testing, social engineering and additional security assessments.

IGX Global

IGX Global

IGX Global is a provider of information network and security integration services and products.

Sera-Brynn

Sera-Brynn

Sera-Brynn is one of the highest-ranked, pure-play cybersecurity compliance and advisory firms in the world.

CipherTrace

CipherTrace

CipherTrace develops cryptocurrency Anti-Money Laundering, cryptocurrency forensics, and blockchain threat intelligence solutions.

R2S Technologies

R2S Technologies

R2S can help you implement a cyber security framework to ensure your business is more resilient towards the growing threat of cyber crime. We provide Web and Mobile Application Security Assessment..

6point6

6point6

6point6 is a technology consultancy with strong expertise in digital transformation, emerging technology and cyber security.

Cybriant

Cybriant

Cybriant Strategic Security Services provide a framework for architecting, constructing, and maintaining a secure business with policy and performance alignment.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

VC3

VC3

VC3 provides a full range of Information Technology Solutions and Services to hundreds of municipalities and organizations throughout the USA.

RIoT Secure

RIoT Secure

RIoT Secure AB is a technology enabler within the IoT industry - created with a vision to ensure security technology exists in the foundations of software development for IoT solutions.

Onum

Onum

Onum helps security and IT leaders focus on the data that's most important. Gain control of your data by cutting through the noise for deep insights in real time.

Dedagroup (Deda)

Dedagroup (Deda)

Dedagroup provide application solutions and IT services to bring innovation at the core of business processes.

StackGen

StackGen

StackGen (formerly appCD) automatically generates Infrastructure from Code (IfC) based on application code with golden standards applied.