Information security budgets will increase in 2014, with 45 per cent of organisations planning to spend more this year and only 11 per cent cutting back, according to the latest Information Security Study from 451 Research.
Security tech budgets rising, says new study
But report author Daniel Kennedy warns that while security budgets and teams are growing – driven by “a near-constant drumbeat of breaches alongside ever-tightening regulation” – the security function “is still small, stuck in IT, and writing policies that half of the time are not being followed”.
The survey confirms that nearly half the 207 security managers interviewed think their information security policy is ineffective.
The study also finds that potentially box-ticking compliance is driving cyber security project priorities. “A whopping 38 percent of interviewed security managers noted that most project selection and approval was predicated on ‘compliance deciding’, more than double any other method of project selection,” Kennedy said. He calls this “an outsized role for compliance in security”.
The two big technology trends this year will be mobile security and security information gathering – with 46 per cent of enterprises planning to spend more on mobile device management (MDM), the same number spending more on SIEM, while 40 per cent and 37 per cent are increasing their spend on identity management and event log management systems respectively.
Mobile device management – driven by the Bring Your Own Device (BYOD) trend – is the top source of pain at 18 per cent of large enterprises. But MDM adoption is rising rapidly, from 46 per cent of organisations using it last year to 59 per cent this year.
On staffing levels, 451 Research says that while numbers are growing, “the 2014 security team is still fairly small in most enterprises and perhaps too under-staffed to do all the projects it is being asked to do”.
Commenting on these findings, Amanda Finch, general manager of the UK-based Institute of Information Security Professionals (IISP), believes that security staffing is the most critical success factor.
“The whole information security landscape is getting more complicated, so organisations are likely to need more people to cover the increasing number of different disciplines involved,” she told SCMagazineUK.com.
Finch added: “You need to understand your organisation and what you should be protecting, and what you should be protecting in-house and out of house. Having worked in this space for a long time, it doesn’t get any easier. These are the latest round of challenges that we have to face but in essence it all has to go back to risk management.”
Meanwhile, Daniel Kennedy said that the “pronounced role of compliance” in security projects could be good or bad.
This article has been extracted from http://www.scmagazineuk.com, please click on this link to read the article in full http://www.scmagazineuk.com/security-tech-budgets-rising-says-new-study/article/337749/
Montash is a multi-award winning , global IT recruitment firm. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Scientific Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.
For more information please contact us on +44 (0) 20 7014 0230 or alternatively send us an email on firstname.lastname@example.org.