Enterprises misaligning security budget, priorities

Some companies continue to spend on older technology, leaving gaping holes in their network.

burlap money bag

Imagine paying for a small lock on your house every year. Burglars continue to break in despite what you think is a strong security deterrent. You spend the same amount every year on this inadequate security despite the different products on the market that promise to protect your home better.

This is what some security experts believe enterprises are doing on a larger scale. Those on staff who are doing the budgeting might blindly write the same amount into the security line every year. Or the C-suite might handcuff the security personnel with a tight budget that doesn’t allow for expansion into new security products.

Mike D. Kail, Chief Innovation Officer at Cybric, said the topic of increasing cybersecurity budgets seems to be in the news every day, but unfortunately there also seems to be a large-scale breach to match that. “Tactical purchasing of point-solution tools is not helping, and CIOs/CISOs need to start investing in strategic platforms and frameworks."

451 Research found a misalignment between current threats and the appropriate defenses needed to truly protect an organization’s assets from compromise. To the extent that security spending continues to increase each year, a defensible argument could be made that, at worst, much of that money is being wasted or, at best, not adequaetly allocated.

“Simply put, as our corporate boundaries become increasingly porous and our resources are on the move, traditional endpoint and network security approaches are no longer sufficient in and of themselves,” 451 writes in its report.

Dan Burke, vice president at Globalscape, said the issue is a version of “if it ain’t broke, don’t fix it,” but the problem is that too many organizations don’t know that their security is vulnerable. They may have even been breached, but simply don’t know it yet.

To continue reading this article register now