Cybersecurity Budgets Rise But Not In Line With Threats

Uploaded on 2016-04-08 in FREE TO VIEW, NEWS-Cybersecurity News

The survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same. 

The Institute of Information Security Professionals (IISP) has announced the findings from its 2016 member survey. With over 2,500 members working in security across a wide range of industries and roles, including a significant proportion at Senior/Lead/CISO level, the results of the IISP provide an accurate snapshot of the state of the UK cyber security landscape from those working on the frontline.

The survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same. These are encouraging figures but they have to be examined alongside increasing risk and the survey also found that 60% of respondents felt that budgets were still not keeping pace with the rise in the level of threats. Only 7% reported they were rising faster than the level of threat.

“In times of financial pressure or instability as we have seen in recent years, security is often seen as a supporting function or an overhead,” said Piers Wilson, Director at IISP. “Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community. While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape.”

The survey also found that when it comes to recruitment, there is still a skills shortage but the problem doesn’t just lie in the number of people. Respondents point to a shortfall in the level of skills and experience, making staff training, development and retention crucial to the future of the industry.

The question: “As an industry are we getting better or worse at defending systems from attack and protecting data?” generated encouraging responses, with only 10% thinking that protection is declining. With growing recognition that despite every control and safeguard, a determined attacker will always be able to find a chink in the armour, the survey looked at incident response. Again, this was a fairly positive picture with an impressive 49% reporting improvement.

Overall, the results of the IISP Member survey show that there are growing challenges from more types of attack, more sources of threats, greater reliance on increasingly complex IT systems, shortage of effective security staff and a regulatory environment that is both fluid and challenging. However, the heightened awareness of security risks and the impacts of a breach are driving an increase in investment, skills, experience, education and professionalism.

“While there is clearly much more to be done, the results of the IISP Member survey are encouraging,” concludes Piers Wilson.
 
A copy of the IISP white paper on the results of the survey is available here 

IT Security: http://bit.ly/1S2q9Wz

« BYOD Security Report
Typo Thwarts Hackers In $1B Cyber Heist »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

WhiteHat Security

WhiteHat Security

WhiteHat’s products enable customers to “Hack Yourself First” so that they gain a greater understanding of the actual risk to their business.

Octopus Cybercrime Community

Octopus Cybercrime Community

The Octopus Community is a platform for information sharing and cooperation on cybercrime and electronic evidence.

Cyber Data-Risk Managers

Cyber Data-Risk Managers

Cyber Data-Risk Managers Pty Ltd is an insurance broker based in Melbourne, Australia specializing in Cyber insurance / Data breach insurance.

French Expert Center Against Cybercrime (CECyF)

French Expert Center Against Cybercrime (CECyF)

CECyF is a centre of excellence for countering cybercrime in France.

Grimm Cyber

Grimm Cyber

GRIMM makes the world a more secure place by increasing the cyber resiliency of our client’s systems, networks, and products.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

ElcomSoft

ElcomSoft

ElcomSoft is a global leader in computer and mobile forensics, IT security and forensic data recovery.

Physec

Physec

Physec offers innovative security products and solutions for the Internet of Things ecosystem.

Acuant

Acuant

Acuant is a leading global provider of identity verification, regulatory compliance (AML/KYC) and digital identity solutions.

LSoft Technologies

LSoft Technologies

LSoft Technologies is a leader in data recovery software technologies.

Bessemer Venture Partners (BVP)

Bessemer Venture Partners (BVP)

Bessemer Venture Partners was born from innovations that literally forged modern building and manufacturing. Today, our team of investors works with people who want to create revolutions of their own.

CHEQ

CHEQ

CHEQ provides fully autonomous, preemptive technology for brand safety and ad-fraud prevention.

Bionic

Bionic

Bionic is an agentless way to get control over your increasingly complex applications so you can manage, operate, and secure them faster and more efficiently.

MorganFranklin Consulting

MorganFranklin Consulting

MorganFranklin Consulting is a management advisory firm that works with businesses and government to address complex and transformational technology and business objectives including cybersecurity.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

CyRiSo

CyRiSo

CyRiSo is a cyber security consulting company with a focus on 'as-a-service' services for the most pressing challenges of cyber security.