Security budgets of Indian organizations: Where is it heading?

The perpetual catch up game between hackers and CISOs is resulting in a steadily rising cybersecurity budget. We take a look at what’s driving this trend and assess the security roadmap in 2018.

Data has proven to be the Holy Grail of today’s connected enterprise. Research firm IDC estimates that by 2025, the global ‘datasphere’ will grow to 163ZB (trillion gigabytes), ten times the data generated in 2016.

IDC forecasts that less than half of the ‘datasphere’ will be secured by 2025. Today, with data residing on multiple devices and across hybrid cloud platforms, merely securing the perimeter is not enough. The endpoint might not necessarily be a victim as cybercriminals are getting smarter and the attacks - automated.

Securing data of this magnitude demands best-in-class new age technology, and that demands a considerable budget allocation.

Gartner forecasts worldwide security spending to total USD 96.3 billion, that’s an 8 percent spike from 2017.      

IDG India’s State of the CIO survey (SOTC) reflects the same trend in the Indian enterprise as well. In 2016, 28.6 percent of the CIO’s IT budget was earmarked for increasing cybersecurity protection in the next year. This year, the number notched up to 31.7 percent.

Additionally, 2.64 percent of CIOs said that they spent over 50 percent of the organization’s IT budget on security.

In fact, among the CEO’s top three priorities, upgrading IT and data security to avoid cyber-attacks accounted for 41.3 percent.

Among the areas in which CIOs anticipate most difficulty in finding appropriate skillsets, 23 percent of respondents identified security and risk management.

What explains security taking the largest slice of the pie

Rajpreet Kaur, Senior Research Analyst at Gartner believes that the primary driver for this trend has been widespread ransomware attacks and high profile data breaches. “Enterprises are going to spend more on improving their detection and response capabilities,” says Kaur.

Although she believes that there is no direct short-term ROI for such investments, CISOs must present information on the risk management strategy to the board regularly and how a particular investment could reduce the risk surface.

The concern around security breaches has moved from an IT function to a topic of strategic importance. “Many of our large enterprise customers across India acknowledge that cybersecurity is now a boardroom discussion, having emerged as a key concern for IT and business managers alike,” says Akshay Aggarwal, Director and Solution Specialist at Oracle India.

He adds that CISOs ought to invest appropriately to ensure that the data is encrypted when at rest, and also when in use. Advanced cloud security solutions enhance the level of security, thereby reducing the misuse of critical information and making it much easier for organizations to manage their data.

AI & ML are some of the megatrends that will grow in 2018 and when combined with human intellect, they will have the potential to understand new risks and anticipate new and potential threats to help organizations become future-ready. “We are witnessing increased interest from customers for cloud-based security solutions as they realize it’s best to focus on their core business and leave it to security experts to manage their security engine,” says Aggarwal.

 

To know more news and features around cybersecurity, please visit the Agenda 2018 website.