IT Security Spending Trends Align with Business Needs

Security as an "Enabler"; Security Tracked as Part of Another Cost Center; Spending Tied to Proactive Operational Areas

  • Bethesda, MD
  • January 26, 2016

IT and security budgets are on the rise, and they are aligning with the business needs of their organizations, according to results of a new survey to be released by SANS Institute on February 3.

"We have seen many surveys that delineate the costs involved in budgeting and spending for security," says Barbara Filkins, SANS Analyst and author of the survey results paper. "This survey fills a gap in that it shows how organizations are going about their investment--answering the what, why, where and how questions about their security spending and budget processes."

Results show that respondents are positioning security as a business enabler. According to the survey, 80% use regulatory requirements to justify their budgets and expenditures, while 78% align spending with business objectives. This reflects the primary business driver for security spending--protection of sensitive data--as well as the operational area that accounts for most current security spending--protection and prevention.

Most organizations track security spending as part of another cost center, whether under IT (48%), general operations (19%) or compliance (4%). Only 23% track security spending as its own cost center.

Results also revealed some contradictions. Survey respondents aligned their security spending with proactive operational areas and are seeking skills in preventative technologies, such as application and data security. However, their technology spending doesn't reflect this. Rather than DLP, encryption and compliance technologies, respondents say their organizations are purchasing technologies to support secure access, malware prevention and endpoint security. Data protection was their fourth choice.

Throughout the survey, respondents shared their experiences with security spending and provided advice on budgeting for security. Some of their quotes will be published anonymously in the survey paper.

Full results will be shared during a February 3, 2016, webcast at 1 PM EDT, sponsored by Arbor Networks and Gigamon, and hosted by SANS. Register to attend the webcast at

Those who register for the webcast will hear SANS Analysts Barbara Filkins and G. Mark Hardy share their views of the results, along with presentations by sponsor speakers who relate budgeting to their businesses. Registrants will also receive access to the published results paper developed by Filkins.

FEB 3 - What #INFOSEC Budget Pros told us about the #ITBudget. Register: Free

How are your #Infosec colleagues managing their #ITBudgets? Find out on 2/3:

Don't miss SANS 2016 #ITSecurity Spending Strategies Survey Results Feb 3. Register: #infosec

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner's qualifications via over 30 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community.