As 2012 came to a close, we studied the financial position of many CISOs and asked about their expectations for 2013. Unsurprisingly, it was apparent that 2012 was another difficult year and that CISOs had been keeping their belts tight once again. When compared with the other IT departments, however, it became clear that this budgetary flat-line actually represented quite a success, as 2012 had seen most other teams face further cutbacks and spending restrictions.
When we looked ahead to 2013, we saw the usual hopeful optimism from the CISOs – proving once again that any allegation of a correlation between ‘pessimists’ and ‘security professionals’ is complete nonsense. It was interesting, however, to note a marked difference in attitudes dependent upon which side of the Atlantic the respondent was located. Put simply, North American based CISOs had a much more buoyant view of security related finances in 2013 than their European peers.
And this optimism isn’t without precedent. Forrester keeps on encountering CISOs who have received substantial investment to fund a real response to the increasingly hazardous business environment. Make no mistake, this money wasn’t just showered upon them because they did a good job of running the security function; the common ground was that each stepped back from fire-fighting duties and carefully crafted a business case that spoke to organizational objectives and aligned with the CEO’s priorities.
2013 could be a crucial time for security investment – while many firms have restricted spending for several years now, the threat has continued to escalate. Security professionals need to consider whether they can allow themselves to fall any further behind. Irrespective of your global location, money for security can be found, but it’s down to the CISO to figure out the right business case to unlock it. Read more in our report – Understand Security & Risk Budgeting For 2013.