In 2024 [2] [3] [4] [5], Chief Information Security Officers (CISOs) are facing challenges with security budgets, influenced by global economic and geopolitical uncertainties [4].
Description
CISOs are reporting either stagnant or slightly increasing security budgets in 2024 [4], with the average budget growth at 8%, a slight increase from the previous year. However, this growth rate is lower compared to the years during the Covid-19 pandemic. Nearly two-thirds of CISOs are seeing budget increases, while a quarter are facing flat budgets and 12% are experiencing declines. Certain sectors like financial services, technology [4], retail [4], and hospitality are witnessing budget increases [4], while healthcare [4], business services [4], consumer goods and services [4], and manufacturing are facing decreases [4]. Organizations are strategically allocating their security spending to combat sophisticated threats like AI-driven attacks [2]. Tighter budgets are impacting recruitment [2], with one in three CISOs maintaining headcounts [2]. Security spending is primarily driven by incidents, breaches [1] [2] [3] [5], or increasing risks [2], with cost being a significant barrier for companies aiming to enhance cybersecurity efforts [2]. The uncertain economy is leading to a cautious approach to cybersecurity spending [2], despite escalating risks. Budget increases are motivated by incidents or breaches, changes in risk appetite [3], company repositioning [3], growth [1] [2] [3] [4] [5], increased risk [2] [3], and industry disruptions [3]. However, cautious spending has resulted in a slowdown in hiring [3], with the average security staff growth rate declining from 31% in 2022 to 12% in 2024 [3]. Security spending has surpassed IT spend and revenue growth [1] [5], indicating a growing emphasis on security within organizations [1] [5]. Significant budget increases are often triggered by external risks and internal factors such as incidents [5], breaches [1] [2] [3] [5], AI adoption [5], and company expansions [1] [5].
Conclusion
The impact of global economic and geopolitical uncertainties on security budgets is evident in the cautious approach taken by organizations. Mitigating risks and enhancing cybersecurity efforts remain critical, despite budget constraints [1]. The future implications of these trends suggest a continued focus on strategic security spending to address evolving threats and challenges.
References
[1] https://vmblog.com/archive/2024/09/05/new-research-reveals-security-budgets-only-increased-2-points-in-2024-while-12-of-cisos-faced-reductions.aspx
[2] https://www.infosecurity-magazine.com/news/security-budgets-pressure/
[3] https://www.iansresearch.com/resources/all-blogs/post/security-blog/2024/09/05/2024-security-budget-benchmark-report–key-findings
[4] https://www.csoonline.com/article/3504991/ciso-budget-survey-modest-increases-in-2024.html
[5] https://www.prnewswire.com/news-releases/new-research-reveals-security-budgets-only-increased-2-points-in-2024-while-12-of-cisos-faced-reductions-302239521.html