Security budgets are growing, but not fast enough

As an answer to the ever increasing threats of cyber-attacks, the security budgets across various industries are growing, a new survey by The Institute of Information Security Professionals (IISP) suggests.

However, the rise in budgets is not enough to tackle the problem.

The report is based on answers of more than 2,500 members of the Institute, working in security across various industries, including a significant proportion at Senior/Lead/CISO level.

In it, it says that for more than 75 per cent of members the security budgets have increased, with another 15 per cent saying their budgets have stayed the same. Still, 60 per cent of respondents said that the budgets were still lagging behind the rise in the level of threats.

“In times of financial pressure or instability as we have seen in recent years, security is often seen as a supporting function or an overhead,” said Piers Wilson, Director at IISP. “Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community. While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape.”

Another problem, once again, is in the shortage of staff. But that, the report says, doesn’t just mean the shortage of actual people – it also means the lack of required skills and experience necessary.

That’s why training and development are among the most important elements for the industry’s future.