Despite a worldwide increase in cybercrime, new research from Outpost24 has revealed that almost one in ten (nine percent) organizations say their IT security budget is actually decreasing year over year.
The study, which was carried out during this year’s RSA Conference, also found that 26 percent of organizations said their IT security budget is staying the same year over year despite the fact that 62 percent of respondents stating they do not know or do not believe that all of their organization’s digital assets are comprehensively secured.
When asked what makes their organization least prepared for cyberattacks, 31 percent said they did not have enough time to keep on top of threats targeting their business while 21 percent said it was not having the in house knowledge and expertise to remediate and triage any vulnerabilities found.
Surprisingly 13 percent of those surveyed felt they did not have enough c-level buy-in to support security while 26 percent said they didn’t’ believe their c-level executives and board members had a good enough understanding of the security threats targeting their organization.
Outpost24 also asked respondents about the frequency of security assessments on their network, cloud infrastructure, their end points, web applications, data and their users.
The firm found that seven percent never run assessments on their web applications, users, end points or data while 13 percent said they never run assessments on their cloud infrastructure. Thankfully though, a majority of those surveyed said they carry out continuous monitoring across their technology stack.
VP of Outpost24, Bob Egner explained that cybersecurity has grown beyond being just the concern of an organization’s IT department, saying:
“The findings from our study highlight that there is a wide gap between security teams and budget holders which is putting organisations at risk. With the average cost of data breaches exceeding $3.8 million, cybersecurity is very much a c-level and board member issue. Board members and c-level executives should have a comprehensive understanding of their organisation’s security posture and the attacks targeting them, they should then take this data and allocate budgets accordingly, before their business is disrupted or reputation is damaged.”
- We’ve also highlighted the best antivirus to help protect your organization from the latest cyber threats