Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Â
Research Snapshot - A corporate view of Reviewing IT Security
1. Vanson Bourne, Summer 2013
Interviews with 100 IT decision-makers from organisations with more than
1,000 employees, across a range of commercial sectors in the UK
Research snapshot â
A corporate view of
Reviewing IT Security
2. How much are organisations spending on IT security?
Source: Vanson BourneAmount organisations are spending on security, as a percentage of their overall IT budget
On average
organisations
are spending
just 8% of
their overall IT
budget on
security
65% of
organisations
have
increased
their IT
security
spend
compared to
three years
agoâŠ
⊠whilst IT
spend
has
decreased
for an
average of
7% of
organisations
3. But how many organisations are reviewing their IT security?
Source: Vanson Bourne
of organisations have a
formal process for reviewing
their security protocols and
security providers/partners
of organisations do not
have a formal process for
reviewing either their
security protocols or
security providers/partners
Organisations with a formal process for reviewing their security protocols and security providers/partners
Does your IT organisation have a formal process for reviewing security protocols
and security providers/partners?
Security protocols
and security
providers/partners
Neither
Security
providers/
partners only
Security
protocols only
8.3%
7.1% 7.3% 7.3%
Organisations who have a
formal process for reviewing
their security protocols and
security providers/partners
are spending more of their
IT budget on security
4. Source: Vanson BourneFrequency of formal review process for reviewing security protocols and security providers/partners
And how frequently is IT security being reviewed?
On average
organisations are
reviewing their security
protocols and security
providers/partners
every 7 months
One quarter of
organisations are
carrying out the review
on a quarterly basis or
more frequently
Three in ten organisations with
increased spend on IT security review
their security protocols and
providers/partners on at least a quarterly
basis. This compares to almost one in six
organisations who have not increased
their IT security spend
31%
14%
IT security
review
Increased spend on IT
security
Not increased spend on
IT security
5. Source: Vanson BourneOrganisations who feel that their employees regard security as the top priority when it comes to use of IT
Finally, to what extent is IT security a priority?
When it comes to IT use, less than one
quarter of organisations feel that
security is regarded by employees as the
top priority
Security protocols
and security
providers/partners
Neither
Security
providers/
partners only
Security
protocols only
31%
15% 20% 0%
Although organisations who have a
formal process for reviewing their
security protocols and security
providers/partners are most likely
to prioritise IT security, only three
in ten employees within this
category regard it as a priority