Cybersecurity Budgets Rise But Not In Line With Threats

Uploaded on 2016-04-08 in FREE TO VIEW, NEWS-Cybersecurity News

The survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same. 

The Institute of Information Security Professionals (IISP) has announced the findings from its 2016 member survey. With over 2,500 members working in security across a wide range of industries and roles, including a significant proportion at Senior/Lead/CISO level, the results of the IISP provide an accurate snapshot of the state of the UK cyber security landscape from those working on the frontline.

The survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same. These are encouraging figures but they have to be examined alongside increasing risk and the survey also found that 60% of respondents felt that budgets were still not keeping pace with the rise in the level of threats. Only 7% reported they were rising faster than the level of threat.

“In times of financial pressure or instability as we have seen in recent years, security is often seen as a supporting function or an overhead,” said Piers Wilson, Director at IISP. “Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community. While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape.”

The survey also found that when it comes to recruitment, there is still a skills shortage but the problem doesn’t just lie in the number of people. Respondents point to a shortfall in the level of skills and experience, making staff training, development and retention crucial to the future of the industry.

The question: “As an industry are we getting better or worse at defending systems from attack and protecting data?” generated encouraging responses, with only 10% thinking that protection is declining. With growing recognition that despite every control and safeguard, a determined attacker will always be able to find a chink in the armour, the survey looked at incident response. Again, this was a fairly positive picture with an impressive 49% reporting improvement.

Overall, the results of the IISP Member survey show that there are growing challenges from more types of attack, more sources of threats, greater reliance on increasingly complex IT systems, shortage of effective security staff and a regulatory environment that is both fluid and challenging. However, the heightened awareness of security risks and the impacts of a breach are driving an increase in investment, skills, experience, education and professionalism.

“While there is clearly much more to be done, the results of the IISP Member survey are encouraging,” concludes Piers Wilson.
 
A copy of the IISP white paper on the results of the survey is available here 

IT Security: http://bit.ly/1S2q9Wz

« BYOD Security Report
Typo Thwarts Hackers In $1B Cyber Heist »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Information Security Research Association (ISRA)

Information Security Research Association (ISRA)

ISRA is a non-profit organization focused on various aspects of Information Security including security research and cyber security awareness activities.

Netmarks Indonesia (NMID)

Netmarks Indonesia (NMID)

Netmarks Indonesia is an IT solutions provider offering services related to ICT infrastructure, digital transformation and cyber security.

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

C-MRiC collaborates on initiatives, ranging from national cyber security, enterprise security, information assurance, protection strategy, climate control to health and life sciences.

ChainSecurity

ChainSecurity

ChainSecurity provides products and services for securing smart contracts and blockchain protocols and conducts R&D in the areas of security, program analysis, and machine learning.

SafeTech Informatics & Consulting

SafeTech Informatics & Consulting

Safetech's OTShield detects, prevents and analyses cyber-attacks in SCADA and Industrial IoT systems by utilising state of the art deception techniques.

Vention

Vention

Vention (formerly iTechArt) is the partner of forward-thinking tech leaders around the globe.

IQ4 - Cybersecurity Workforce Alliance (CWA)

IQ4 - Cybersecurity Workforce Alliance (CWA)

Cybersecurity Workforce Alliance, a division of iQ4, is an organization comprised of a diverse range of professionals dedicated to the development of the cybersecurity workforce.

Char49

Char49

Char49 specialize in Penetration Testing, Red Team Assessment, Social Engineering and Security Research.

Global Cybersecurity Institute - Rochester Institute of Technology (RIT)

Global Cybersecurity Institute - Rochester Institute of Technology (RIT)

At RIT’s Global Cybersecurity Institute, we educate and train cybersecurity professionals; develop new cybersecurity and AI-based knowledge for industry, academia, and government.

Airgap Networks

Airgap Networks

Airgap is fixing the fundamental flaw of excessive trust. We help enterprises modernize their network for a simple and secure infrastructure.

OX Security

OX Security

OX is a DevOps software supply chain security solution. Teams can verify the integrity and security of every artifact using a pipeline bill of materials (PBOM).

Zitec

Zitec

One of Europe's largest and most prominent full-cycle software development services companies, Zitec is the digital transformation partner to companies in the EU, UK, USA, Canada and ME.

DNSFilter

DNSFilter

DNSFilter is the most accurate threat detection and content filtering tool on the market today.

Metrodata Group

Metrodata Group

PT. Metrodata Electronics, known as Metrodata Group, is the leading information communication technology company in Indonesia.

Idenhaus Consulting

Idenhaus Consulting

Idenhaus specializes in Cybersecurity and Identity Management (IAM) Consulting.

Harmony Intelligence

Harmony Intelligence

Harmony builds cutting-edge defensive AI products that safeguard people and critical infrastructure around the world from AI-powered threats.