22 March 2016
IISP director Piers Wilson says security is often regarded as an “overhead” during times of financial pressure.
Information security is not keeping pace with growing risk, according to the Institute of Information Security Professionals (IISP).
Following a survey carried out with its more than 2,500 members, the institute found that over two thirds had increased their information security budgets, while a further 15 per cent said that they had stayed the same.
While these are encouraging figures, the IISP points out that they have to be examined alongside increasing risk.
The poll also revealed that 60 per cent of respondents felt budgets were still not keeping pace with the rise in the level of threats. Only seven per cent reported they were rising faster than the level of threat.
Institute director Piers Wilson believes security is often seen as a supporting function or an overhead during times of financial pressure or instability seen in recent years.
“Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community,” says Wilson. “While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape.”
The survey also found that when it comes to recruitment, there is still a skills shortage but the problem doesn’t just lie in the number of people. Respondents point to a shortfall in the level of skills and experience, making staff training, development and retention crucial to the future of the industry.
The IISP is a not-for-profit organisation and has more than 2,500 members working in security across a wide range of industries and roles. The institute claims the results of its survey provide an accurate snapshot of the state of the UK cyber security landscape from those working on the frontline.
