2022 Security Budget Benchmark Report Preview

November 1, 2022 | By IANS Research

In this piece, we’re breaking down two compelling data points from our Security Budget Benchmark Report. The 2022 edition of our annual survey featured survey responses from over 500 CISOs in the U.S. and Canada across all industries. 

 

NEW FOR 2023: Security Budget Benchmark Summary Report


Security Budgets Increased by Double-Digit Percent  

Overall, 79% of our survey respondents reported an increase in their organization’s security budget YoY. Of this subset, the average budget increase was 22%. These organizations experienced growth in cyber investments driven by business expansions, security program development and increased awareness of business exposure. 

To effectively mitigate the ever-evolving threat landscape, CISOs were bold and requested an average of a 32% boost in their security budget YoY – with eight out of 10 CISOs receiving a budget increase by an average by 17%.   

The Biggest Budget Increases Are the Result of a Breach or Incident 

Data from our respondents highlight breaches or security incidents at the company as triggers for the largest increases in security budgets, adding an average of 36% to the budget. 

Other contributing factors included strategic changes such as a merger or acquisition and high-profile industry disruptive events drove up security budgets by 27% and 20%, respectively. (See Figure 1) 

Figure showing What was the primary reason for the budget increase?

Staff and Compensation Claims the Largest Security Budget Share 

When it comes down to where and how security budgets are allocated, our data showed staff and compensation consumed the largest portion at 39% of the total security budget.  

For the third year in a row software spending represented a sizable portion of the budget across two categories for a total of 28%, with the rise of cloud transformation influencing 10% more spending towards off-premises software than on-premises solutions. 

Outsourcing averages 10% of the security budget by comparison, a much smaller component. (see Figure 2). 

Steve Martano, co-founder at Artico Search, said, “Despite staff compensation being the plurality of the CISO’s budget, most security leaders are struggling to get adequate resources required to fill critical roles and hire backfills from staff attrition. Misaligned salary bands, outdated market data and the competitiveness of the market across all levels of security make hiring and retaining a full team a constant struggle, despite staff compensation being the largest CISO budget line item.” 

Research-backed data found in this annual report can provide acting CISOs with content for how other security leaders are allocating funds, but also serve as a tool to substantiate their requests in the next budget cycle. 

Figure displaying Staff and Compensation Claims the Largest Budget Share

 

READ: How Security Budgets Break Down

 

CISO Compensation & Security Budget Benchmark Reports

Each year, IANS, in partnership with Artico Search, releases a series of benchmark reports on CISO compensation, security budgets, key security staff compensation and job satisfaction. 

These in-depth reports feature new takeaways, uncover a wealth of insights and provide valuable leadership guidance to fine-tune your current role, department and career path. 

Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.


Access time-saving tools and helpful guides from our Faculty.


IANS + Artico Search

Our 2024-2025 CISO Compensation and Budget Benchmark Survey is Live!

Subscribe to IANS Blog

Receive a wealth of trending cyber tips and how-tos delivered directly weekly to your inbox.

Please provide a business email.