Cybersecurity budgeting and spending trends 2020: How does yours compare?

Cybersecurity spending grows

Protecting data and assets becomes more complicated as threats evolve. Cybersecurity budgets continue to grow every year, reflecting this complexity. Analyst data shows that spending on cybersecurity is not only growing, but also growing faster than IT spending overall.

Gartner has estimated that worldwide security spending grew 10.5% in 2019, compared to 0.4% growth in IT spending. The Enterprise Strategy Group (ESG) also found that the majority of organizations planned to increase their spending in 2020. Research published recently by ESG showed that 62% of surveyed organizations said they would increase their spending, and only 36% said they would keep budgets flat. Considering that cybersecurity is on top of the agenda for many executives, it’s likely that budgets will keep growing.

How much are companies spending on cybersecurity?

Cybersecurity budgets vary based on industry, company size, business model, risk appetite and various other criteria. But size isn’t necessarily a major factor in how much of the IT budget is dedicated to security. A CIO survey asked nearly 700 IT executives how much of their IT budget went to security, and the mean answer, regardless of company size, was 15%. 

As a rough benchmark, a Cisco Security report determined that 46% of midmarket organizations (with 250-999 employees) spent less than $250,000 in 2019, while 43% spent $250,000 to $999,000. For larger companies (1,000–9,999 employees), the most common spend was $250,000–$999,999, while large enterprises with more than 10,000 employees were more likely to spend over $1 million on their security programs.

What are the security spending priorities?

As new threats emerge, organizations change their security priorities accordingly. Digital transformation also plays a role, especially as organizations continue to shift infrastructure, workloads and applications to the cloud. 

Another factor that impacts security budget allocations is regulatory (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Rodika Tollefson. Read the original post at: