Home » Compliance » Report on Global Cyber Security Spending Finds Organizations are Still Behind
security spending

Report on Global Cyber Security Spending Finds Organizations are Still Behind

Without support and involvement from the right C-level executives, as well as adequate investment in training, technology and planning, cyber security initiatives are likely to underachieve. This reality has become an impediment for many organizations as they attempt to manage their risks, protect their sensitive data and keep their systems free of malware.

Even as hackers continue to develop more challenging attacks and catastrophic breaches emerge, organizations are falling behind in their security efforts. The need to better understand the cause of this stagnation is at the core of the Ponemon Institute’s 2015 Global Study on IT Security Spending and Investment.

Ponemon polled 1,825 security professionals in 42 countries to identify security initiatives across industries, determine investment and growth patterns and identify issues impeding program development. The survey’s findings pointed to a number of inhibiting factors in the following areas:

A lack of governance. The connection between cyber security and an organization’s bottom line is becoming increasingly clear. Yet not many people believe security is the CEO’s or board of directors’ responsibility. A mere 24 percent of those surveyed agreed that their organizations make cyber security one of the top strategic initiatives, and 50 percent indicated that their board’s spending on security remains flat.

Inadequate and misappropriated funding. Due to underfunding and a lack of planning, many security programs are incomplete. And spending is often misappropriated on solutions that do not effectively strengthen security posture. Many survey respondents felt too much funding had gone toward technology without proper infrastructure to support it. This has intensified issues, making executives wary of the effectiveness of their investments.

Limited resources for compliance efforts. In addition to falling short on enhancing security, many organizations are struggling with compliance. Fifty-eight percent of respondents claimed that their organizations don’t have the resources in house to meet regulation standards.

Rather than appropriating funds toward technologies that can’t be supported in-house, organizations should enlist an outside partner that can help manage IT governance, investments and planning. By outsourcing these efforts, an organization with limited resources can leverage state-of-the-art technology, expert security specialists, and managed security services that take the burden off internal resources.

Lunarline helps companies at every stage of their cyber security efforts — whether your organization is just getting its networks up and running, or you’re stuck in a pattern of investments that aren’t moving your security forward.

For more information on our services and products, visit us online at
Lunarline.com or contact us today.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.