Allocation of Security Resources
The scope of security’s responsibility within organizations continues to broaden, and increasingly it includes such areas as risk management, business continuity, and cybersecurity.
That’s one finding of joint research from Security Management and Resolver, research which was the subject of a webinar earlier this month moderated by ASIS IT Security Council Chair Jess Sieben, CPP, CISSP. Sieben, who also is corporate security product manager at Resolver, was joined by his colleagues Ryan Thiessen and Anaud Ganpaul on Using Data to Allocate Your Security Resources, which is available for free on-demand by registering.
Here’s a look at the breakdown of security responsibilities:
Looking at security budgets, the study showed that while the typical budget for cybersecurity is seeing larger increases, both cyber and physical security budgets are on the rise:
Ganpaul cites this a positive development: “This is good news as one of the concerns we’ve been hearing is that the budget for the cybersecurity team can starve that physical security budget. But the data shows that they are continuing to fund both at the levels that they require.”
While still more than 50 percent, the study indicated that the budget allocation for staff was falling while the budget allocated to equipment and software rose.
The survey also examined the relative number and import of the incidents with which the security team dealt with in the previous year. These incidents led to an average loss of $3.5 million per company in the study. They survey, and webinar, wrap up by examinging the tools companies used to track incidents and mitigate future risk.