Friend
Professional
- Messages
- 2,653
- Reaction score
- 845
- Points
- 113
How do CISOs cope with the lack of funding for security?
Research organizations IANS Research and Artico Search recently published a joint report on security budgets for 2024, revealing key trends in funding and staffing amid global economic challenges. The study is based on data from a survey of more than 750 Chief Information Security Officers (CISOs) collected from April to August of this year.
Amid global uncertainties, including economic and geopolitical factors, companies continue to be cautious about spending, and this is reflected in safety budgets. Most of them remain at the same level or increase very insignificantly.
"The slight increase in cybersecurity budgets this year demonstrates the need for strategic investments in a challenging economic environment," said Nick Kakolowski, senior director of research at IANS. Protecting against growing threats such as AI attacks remains a priority, he said, but budgets are allocated with great care.
Key findings of the report:
1. Security budgets grew by 8%, up from 6% in 2023, but this is still lower than in 2021 and 2022, when growth reached 16% and 17%, respectively. A quarter of respondents reported stable budgets, and 12% reported a decrease in funding.
2. Security spending continues to rise compared to total IT spending. Over the past five years, the share of security budgets in IT has grown from 8.6% in 2020 to 13.2% in 2024. This confirms the growing importance of protecting against cyber threats in the corporate environment.
3. External factors, such as incidents and new risks associated with AI adoption, often lead to significant budget increases. Internal changes, including company expansions and mergers, also play an important role in justifying increased costs.
4. Budget growth differs depending on the industry. In the financial sector, IT, retail and the legal sector, there is an improvement in indicators compared to last year, but they remain at the level of single percentages. At the same time, further reductions were recorded in healthcare and consumer services.
5. Recruitment is slowing despite rising budgets. In 2024, the growth in the number of employees decreased to 12%, although in 2022 this figure was 31%. Many companies maintain a stable staff, which creates an additional burden on cybersecurity teams.
Steve Martano, an expert at IANS and an executive recruiter at Artico Search, noted that attracting new employees was a challenge for the CISO. Teams are forced to cope with increasing tasks with reduced resources, which increases the pressure on managers and their subordinates.
Managers should keep in mind that the effectiveness of cybersecurity is not always directly proportional to the size of the budget. Companies that are able to optimize processes and stimulate innovative thinking among employees can achieve a high level of protection even with limited resources.
The key factor is not only the introduction of advanced technologies, but also the development of human potential. The skills, creativity, and adaptability of security professionals are crucial. In an environment of economic instability, it is the cohesive and motivated teams that can create the most reliable shield against the ever-evolving cyber threats.
Source
Research organizations IANS Research and Artico Search recently published a joint report on security budgets for 2024, revealing key trends in funding and staffing amid global economic challenges. The study is based on data from a survey of more than 750 Chief Information Security Officers (CISOs) collected from April to August of this year.
Amid global uncertainties, including economic and geopolitical factors, companies continue to be cautious about spending, and this is reflected in safety budgets. Most of them remain at the same level or increase very insignificantly.
"The slight increase in cybersecurity budgets this year demonstrates the need for strategic investments in a challenging economic environment," said Nick Kakolowski, senior director of research at IANS. Protecting against growing threats such as AI attacks remains a priority, he said, but budgets are allocated with great care.
Key findings of the report:
1. Security budgets grew by 8%, up from 6% in 2023, but this is still lower than in 2021 and 2022, when growth reached 16% and 17%, respectively. A quarter of respondents reported stable budgets, and 12% reported a decrease in funding.
2. Security spending continues to rise compared to total IT spending. Over the past five years, the share of security budgets in IT has grown from 8.6% in 2020 to 13.2% in 2024. This confirms the growing importance of protecting against cyber threats in the corporate environment.
3. External factors, such as incidents and new risks associated with AI adoption, often lead to significant budget increases. Internal changes, including company expansions and mergers, also play an important role in justifying increased costs.
4. Budget growth differs depending on the industry. In the financial sector, IT, retail and the legal sector, there is an improvement in indicators compared to last year, but they remain at the level of single percentages. At the same time, further reductions were recorded in healthcare and consumer services.
5. Recruitment is slowing despite rising budgets. In 2024, the growth in the number of employees decreased to 12%, although in 2022 this figure was 31%. Many companies maintain a stable staff, which creates an additional burden on cybersecurity teams.
Steve Martano, an expert at IANS and an executive recruiter at Artico Search, noted that attracting new employees was a challenge for the CISO. Teams are forced to cope with increasing tasks with reduced resources, which increases the pressure on managers and their subordinates.
Managers should keep in mind that the effectiveness of cybersecurity is not always directly proportional to the size of the budget. Companies that are able to optimize processes and stimulate innovative thinking among employees can achieve a high level of protection even with limited resources.
The key factor is not only the introduction of advanced technologies, but also the development of human potential. The skills, creativity, and adaptability of security professionals are crucial. In an environment of economic instability, it is the cohesive and motivated teams that can create the most reliable shield against the ever-evolving cyber threats.
Source
