In this piece, we’re breaking down two compelling data points from our Security Budget Benchmark Report. The 2022 edition of our annual survey featured survey responses from over 500 CISOs in the U.S. and Canada
across all industries.
NEW FOR 2023: Security Budget Benchmark Summary Report
Security Budgets Increased by Double-Digit Percent
Overall, 79% of our survey respondents reported an increase in their organization’s security budget YoY. Of this subset, the average budget increase was 22%. These organizations experienced growth in cyber investments driven by business expansions,
security program development and increased awareness of business exposure.
To effectively mitigate the ever-evolving threat landscape, CISOs were bold and requested an average of a 32% boost in their security budget YoY – with eight out of 10 CISOs receiving a budget increase by an average by 17%.
The Biggest Budget Increases Are the Result of a Breach or Incident
Data from our respondents highlight breaches or security incidents at the company as triggers for the largest increases in security budgets, adding an average of 36% to the budget.
Other contributing factors included strategic changes such as a merger or acquisition and high-profile industry disruptive events drove up security budgets by 27% and 20%, respectively. (See Figure 1)
Staff and Compensation Claims the Largest Security Budget Share
When it comes down to where and how security budgets are allocated, our data showed staff and compensation consumed the largest portion at 39% of the total security budget.
For the third year in a row software spending represented a sizable portion of the budget across two categories for a total of 28%, with the rise of cloud transformation influencing 10% more spending towards off-premises software than on-premises solutions.
Outsourcing averages 10% of the security budget by comparison, a much smaller component. (see Figure 2).
Steve Martano, co-founder at Artico Search, said, “Despite staff compensation being the plurality of the CISO’s budget, most security leaders are struggling to get adequate resources required to fill
critical roles and hire backfills from staff attrition. Misaligned salary bands, outdated market data and the competitiveness of the market across all levels of security make hiring and retaining a full team a constant struggle, despite staff compensation
being the largest CISO budget line item.”
Research-backed data found in this annual report can provide acting CISOs with content for how other security leaders are allocating funds, but also serve as a tool to substantiate their requests in the next budget cycle.
READ: How Security Budgets Break Down
CISO Compensation & Security Budget Benchmark Reports
Each year, IANS, in partnership with Artico Search, releases a series of benchmark reports on CISO compensation, security budgets, key security staff compensation and job satisfaction.
These in-depth reports feature new takeaways, uncover a wealth of insights and provide valuable leadership guidance to fine-tune your current role, department and career path.
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.