On the heels of high-profile data breach events such as the Target and Neiman Marcus thefts, there are reports of increasing budgets for corporate IT security departments. This week, a survey released by BAE Systems Applied Intelligence detailed the increases in security budgets across the globe. In the United States, 60 percent of those surveyed said their cyber security budget would increase as a direct result of recent attacks. A similar result can be found in other regions – 49 percent in Britain, 54 percent in Canada and 64 percent in Australia.
However, even before these recent attacks, Gartner observed an increase in IT security budgets in our 2013 Global Risk Management Survey. In fact, 39% of the 2013 survey respondents have been allocated funds totaling more than 7% of the total IT budget. That compares with only 23% of survey respondents receiving a similar amount in 2011 (see figure below).
The big question here is whether companies are using these budget increases in the most effective way or simply reacting to their fears. The only clear way to know is to understand how your current IT security environment matches up with your IT risk profile. To do this, it is imperative to have a highly mature IT risk management program in place. Gartner can help you determine your IT risk management maturity with our ITScore online assessment tool. Click here to learn more about ITScore and how it can help you strengthen your program.
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.