UpGuard has released the results from its annual cyber security spending survey. These demonstrate that cyber security budgets are increasing and that third-party risk remains the top threat vector.
The anonymous survey covered topics including where organizations prioritized their spending, which threat vectors were the most concerning, company and IT team sizes, and the overall confidence that respondents had in their organization’s security posture.
The main takeaways from the survey were:
- 72 percent of respondents anticipate that their organization’s cyber security budget will increase over the next three years. Of the businesses that project expanded cyber security spending in their budgets, they predicted a 70 percent average increase in their cyber security budget over the next three years. Of that group, 28 percent predicted at least a 100 percent increase in their company’s cyber security budget.
- 73 percent of organizations reported cyber security budgets of over $100k, while about one-third of the respondents had cyber security budgets totalling over $500k.
- Despite larger company sizes (over 40 percent of the survey results had company sizes of over 1,000 people), 82 percent of respondents employed cyber security teams with ten or fewer staff, which could speak to difficulties in hiring cyber security professionals in the current market.
- When asked to rank the most concerning threat vectors in the future, third-party risk topped the list, with over 70 percent viewing it as a major risk factor. The top three most concerning threat vectors were third-party risk, unsecured networks, and cloud hacking.