2015 Security Spending By The Numbers

Last year's non-stop parade of breaches showed CEOs and boards how detrimental a lack in security investment can really be to an enterprise's health, let alone their own job security. After all, last year saw the dismissal of Target's CEO following that company's disastrous breach—one of the first very big public firings of a chief executive in the wake of a security incident. And just last month Sony Picture's disastrous hack and subsequent release of sensitive emails to and from executives showed the personal consequences to executives when enterprises don't invest in security—for example, the incident greatly tarnished the personal reputation of studio co-chair Amy Pascal.

security_2015_edited

All of that has made for good news on the budgetary front for security teams. The analyst firms expect continued growth in security spending this year. Here are some of the highlights from prognosticators:

The most recent security budgetary prediction from analysts came from Forrester, which reported that 40 percent of firms expect to increase network security spending in 2015. Its analysts say that in some sectors overall security spend may see double-digit growth.

Meanwhile, Gartner's rosy predictions for 2015 made last summer still stands—it expects an 8.2 percent year-over-year IT security growth this year.

According to Ernst & Young, security teams’ biggest increases in spending will revolve around mobile technology (46%), cloud and virtualization (43%), data leakage (41%) and identity and access management (39%).

Approximately 46% of IT decision makers reported that they will invest more in 2015 in access control, intrusion prevention, identity management and virus and malware protection, according to the Computerworld Forecast Survey

A recent report by the IBM Center for Applied Insights showed that in the coming three to five years, 75 percent of security leaders expect their cloud security budget to increase.

Not only is cloud security on the rise—security through the cloud is also expected to grow. Gartner thinks that 10 percent of IT security in the enterprise will be delivered through cloud-based services.

Of course, the establishment of ample budgets is only the first step in solving security's tough problems. The big trick is in knowing how to spend that money wisely. According to current studies, 60 percent of organizations don't base their security expenditures on applicable risks. Some security experts recommend that a full 75 percent of security budgets be based on risks identified in advance as those most important to the enterprise, with only 25 percent geared for responding to unforeseen and emerging threats.