Many organizations continue working on security budgets throughout calendar Q4 and into January, so even if you don’t get to have much sway on budget allocations for IT security, you will be interested in a recent Security Budget Research Roundup that includes research from IDC, Computerworld, Ponemon, EY, and CEB.
IT Budget Gains In 2014 – Forecasts for IT in general are an average budget increase of 4.06 percent.
Depending on whose research you’re looking at, 2014 figures range from 3-14% (including Federal).
Further, CEB finds that for IT security budgets, CISOs will have direct budget control of 86% of the security budget.
IT Security Staff Increasing in 2014 – IT security budgets typically devote about 50 percent of their spending to staffing. For 2014, hiring is forecast to increase up to 14 percent for many organizations. This is hopeful news, but the biggest challenge remains how to find and hire those qualified new staff members.
Computerworld’s 2014 Top Business Priorities according to their 2014 Forecast Survey for IT Spending. These business priorities relate to technology, but behind each IT spending project is a business initiative that requires the enabling technology.
IT and IT security budgets that align with business priorities will have greater success at getting full organizational support for the funding necessary. Unfortunately, Ponemon Institute’s extensive 2013 study the State of Risk-Based Security Management indicates that over half of those 1320 US and UK firms responding felt their existing security program metrics were not aligned (or were unsure if they were aligned) with the business priorities.
Each year, numerous industry research reports provide budget forecasting on expected spending for worldwide IT. Some add a focus within specific industries as well as technologies, but very few focus strictly on IT security.
Bringing a few of the most notable reports together provides a valuable roundup of information for IT operations, including forecasts of IT security spending.
This may be a time-saver for busy CIOs and CISOs and their teams who are seeking data to compare, support and defend possibly thin IT security budgets, or a needed increase to meet business priorities.
This report is organized to review what the research shows, business priorities and trends to tap, and strategies on how to defend your numbers.
Tripwire has also compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
This publication is designed to assist executives by providing guidance for implementing broad baseline technical controls that are required to ensure a robust network security posture.
The author, a security and compliance architect, examined each of the Controls and has distilled key takeaways and areas of improvement. At the end of each section in the e-book, you’ll find a link to the fully annotated complete text of the Control.
Download your free copy of The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities today.
Definitive Guide to Attack Surface Analytics
Also: Pre-register today for a complimentary hardcopy or e-copy of the forthcoming Definitive Guide™ to Attack Surface Analytics. You will also gain access to exclusive, unpublished content as it becomes available.
* Show how security activities are enabling the business
* Balance security risk with business needs
* Continuously improve your extended enterprise security posture
Title image courtesy of ShutterStock