Security budgets and spending are on the rise, with much of that spending going toward in-house skills to support application security, intelligence and analytics, and data security, among other functions, according to a new SANS survey on IT security spending trends. The survey, conducted online in the fourth quarter of 2015, revealed that, in general, both IT and security budgets for financial services (including banking and insurance), technology providers, government, education and health care are on the rise.
Spending for security skills follows respondents’ primary drivers for spending. The top two areas of skills they are investing in include sensitive data protection and regulatory compliance. However, their technology spending does not follow their drivers and skills spending. For example, rather than data protection and compliance, such as DLP and encryption, their technology spending favors more traditional controls, such as network visibility and malware defense. Respondents’ organizations are overwhelmingly spending their staffing and technology dollars on in-house skills and technology, except for DDoS protection, for which the majority is using cloud services.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program