Enterprise security budgets slashed by a third; is spend appropriate?

Enterprises seem to be getting the message that security posture cannot be measured by pocket depth as budgets get cut.

The annual PwC information security survey is always good for a host of key results. The 2018 report doesn’t disappoint in this regard. Only 49 percent of organisations conduct penetration tests yet 28 percent have no idea how many cyber-attacks they suffered last year. Or how about only 44 percent of organisations in the UK that formally work with others in their industry to reduce potential future risk of attack, compared to 58 percent globally? Oh, and only 53 percent have any cross-organisational team working on cyber-security issues within the enterprise itself. All of which would be food for thought, but when you also consider that security budgets have dropped by a third (from £6.2 million to £3.9 million on average) the analytical indigestion really starts to kick in.

Click here to read complete article

2 thoughts on “Enterprise security budgets slashed by a third; is spend appropriate?

  • October 20, 2017 at 7:14 AM
    Permalink

    Surely what is actually needed are deep pockets combined with better strategic thinking? If we are ever going to get on top of the security issue then it needs more money spent on better solutions, including areas such as education/training.

    Reply
    • October 20, 2017 at 9:10 AM
      Permalink

      I can’t argue with any of that, apart from maybe the deep pockets bit. What is required would be better strategic thinking that bases the spend on actual need rather than assumed need. That way the pockets can be shallower and the security posture stronger.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *