Data security spending on the rise as malware gets more sophisticated

Organizations are investing more in cyber security and starting to focus on the impact of cyber threats and cyber security from a business perspective.

Security professionals are doing this to respond to the increased complexity of IT environments, combined with increasingly sophisticated attacks and a rapidly evolving threat landscape.

Those are among the findings of a new report from Enterprise Strategy Group. The study, conducted on behalf of test, measurement and analytics technology provider Spirent Communications, is based on a survey of 413 IT and cyber security professionals in the U.S., U.K., and Australia who work at enterprises with more than 1,000 employees.

Nearly 80 percent of the respondents cited the expanded volume and sophistication of malware as the main reason it’s becoming more difficult to protect vital information.



A large majority of respondents (92 percent) said their organization was planning to increase the cyber security budget through 2018.

The areas in which organizations were most likely to increase spending included network security, cloud security and application security. Some of the planned increase stemmed from unifying business and security functions, and the desire to treat security as an integral part of the development process.

Another key finding is that in many organizations (96 percent), the traditional role of the CISO has expanded. As security concerns are integrated into the planning for new digital initiatives, CISOs are more often included as active participants in enterprise business discussions.

The primary driver cited for the elevation of the CISO is the increasing difficulty of protecting enterprise data.