More does not always equate to better when it comes to IT security investments, according to a white paper recently published by 451 Research.
After the technology advisory firm interviewed more than 1,100 senior security executives in financial services and other industry verticals from around the globe, 73% of the respondents anticipate increasing their spending on security, and 23% of the respondents expect their investments to be “much higher.”
However, a larger security budget does not mean that organizations will attain their desired results, noted Garrett Bekker, principal analyst, information security practice at 451 Research and the report’s author.
“To the extent that security spending continues to increase each year, a defensible argument could be made that, at worst, much of that money is being wasted, or at best, sub-optimally allocated,” he wrote.
Garrett attributed much of the misalignment to changing nature of enterprise infrastructure. “Simply put, our corporate boundaries become increasingly porous, and our resources are on the move, traditional endpoint and network security approaches are no long sufficient in and of themselves,” he added.
The increasing use of cloud computing and other offerings delivered as services has put more of a focus on identity management, encryption, and digital loss prevention than common endpoint and network security approaches like firewalls and anti-malware applications.
To make matters worse, close to two-thirds of the respondents (63%) stated that they deploy new technologies in advance of having appropriate levels of data security in place.
A large plurality of the executives polled (44%) also stated that compliance was the primary reason why they invest in data security.
And the price of non-compliance with data security regimes, such as New York State Department of Financial Services’ cyber-security requirements that went into effect on March 1 or the EU’s General Data Protection Regulation that is set to go into full effect on May 6, 2018, can be high.
Once GDPR is in full effect, data protection regulators will have the authority to level fines up to 20 million euros or 4% of a firm’s global turnover, its sales net taxes, depending on the infraction.
It’s now more than a slap on the wrist, according to Bekker. “It’s important to recognize that it’s no longer enough to just check off compliance boxes,” he added.
NEWSLETTER SIGN UP
And receive exclusive articles on securities markets
🏆 The 2026 Global Markets Choice Awards are here! 🌍 Nominations are officially OPEN for the celebration of excellence in global capital markets trading & technology. Nominate below:
https://www.jotform.com/form/260086385121150
Delaware Life Insurance Company is becoming the first insurance carrier to offer an index that contains cryptocurrency, adding the BlackRock U.S. Equity Bitcoin Balanced Risk 12% Index to its fixed index annuity (FIA) portfolio.
As the digital assets industry pushes toward
Franklin Templeton is expanding its tokenized fund suite, signaling growing institutional demand for blockchain-based fund infrastructure and regulated investment products moving onchain. Read the full article below:
$50 billion in active ETF inflows helped fuel a record year for @BlackRock 's iShares business, as investors continue to lean into active strategies.
Related articles
-
The SEC erased nearly a year’s worth of text messages sent and received by former Chair Gary Gensler.
-
The regulator's emails and email attachments were subject to unauthorized access.
-
PQC aims to strengthen communication and data security as quantum computing advances.
-
The DORA compliance deadline is just three months away.
-
Quantum computing poses a major cybersecurity concern as it can break cryptography & encryption algorithms.