Cybersecurity Budgets Rise But Not In Line With Threats

The survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same. 

The Institute of Information Security Professionals (IISP) has announced the findings from its 2016 member survey. With over 2,500 members working in security across a wide range of industries and roles, including a significant proportion at Senior/Lead/CISO level, the results of the IISP provide an accurate snapshot of the state of the UK cyber security landscape from those working on the frontline.

The survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same. These are encouraging figures but they have to be examined alongside increasing risk and the survey also found that 60% of respondents felt that budgets were still not keeping pace with the rise in the level of threats. Only 7% reported they were rising faster than the level of threat.

“In times of financial pressure or instability as we have seen in recent years, security is often seen as a supporting function or an overhead,” said Piers Wilson, Director at IISP. “Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community. While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape.”

The survey also found that when it comes to recruitment, there is still a skills shortage but the problem doesn’t just lie in the number of people. Respondents point to a shortfall in the level of skills and experience, making staff training, development and retention crucial to the future of the industry.

The question: “As an industry are we getting better or worse at defending systems from attack and protecting data?” generated encouraging responses, with only 10% thinking that protection is declining. With growing recognition that despite every control and safeguard, a determined attacker will always be able to find a chink in the armour, the survey looked at incident response. Again, this was a fairly positive picture with an impressive 49% reporting improvement.

Overall, the results of the IISP Member survey show that there are growing challenges from more types of attack, more sources of threats, greater reliance on increasingly complex IT systems, shortage of effective security staff and a regulatory environment that is both fluid and challenging. However, the heightened awareness of security risks and the impacts of a breach are driving an increase in investment, skills, experience, education and professionalism.

“While there is clearly much more to be done, the results of the IISP Member survey are encouraging,” concludes Piers Wilson.
 
A copy of the IISP white paper on the results of the survey is available here 

IT Security: http://bit.ly/1S2q9Wz

« BYOD Security Report
Typo Thwarts Hackers In $1B Cyber Heist »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CW Jobs

CW Jobs

CWJobs.co.uk is a leading specialist IT recruitment website covering all areas of IT including Cyber Security.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

Institute for Critical Infrastructure Technology (ICIT)

Institute for Critical Infrastructure Technology (ICIT)

ICIT is a leading cybersecurity think tank providing objective research, advisory, and education to legislative, commercial, and public-sector cybersecurity stakeholders.

Communications Security Establishment (CSE)

Communications Security Establishment (CSE)

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

Advanced Software Products Group (ASPG)

Advanced Software Products Group (ASPG)

ASPG offers a wide range of innovative mainframe software solutions for Data Security, Access Management, System Management and CICS productivity.

Medigate

Medigate

Medigate is a dedicated medical device security platform protecting all of the connected medical devices on health care provider networks.

Infigo IS

Infigo IS

INFIGO IS specializes in information security consulting services. Our employees are leading information security experts in Croatia.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.

Rogers Cybersecure Catalyst

Rogers Cybersecure Catalyst

Rogers Cybersecure Catalyst helps Canadians and Canadian companies seize the opportunities and tackle the challenges of cybersecurity.

Ascend Technologies

Ascend Technologies

Ascend Technologies offers a full suite of managed IT services including: Cloud & Infrastructure Management, Cybersecurity Management, Service Desk Management, Application Management , Data Management

Park Place Technologies

Park Place Technologies

Park Place Technologies' mission is to drive uptime, performance and value for critical IT infrastructure.

Guardsman Cyber Intelligence (GCI)

Guardsman Cyber Intelligence (GCI)

GCI provides proven cyber intelligence solutions to protect your business against ever present physical and digital threats shadowing your online business.

Spera Security

Spera Security

Spera helps identity security professionals effectively and confidently measure, prioritize and reduce identity risk to better protect the organization from identity-based attacks.

ETI-NET

ETI-NET

ETI-NET is the worldwide leader in managing critical data for industries that never stop.

eGyanamTech (EGT)

eGyanamTech (EGT)

eGyanamTech provides robust security solutions tailored for Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems used in critical infrastructure systems.

SSL2BUY

SSL2BUY

SSL2BUY is a leading SSL certificate provider, authorized to sell top CA brands like Comodo, DigiCert, GlobalSign, Thawte, GeoTrust and more.