IT security budgets are holding steady, survey

Share this article:

Information security budgets are not in jeopardy. According to a survey of 300 network administrators in charge of IT security at their companies, 81 percent of respondents did not expect a decrease in budgets for 2008. In many cases, security budgets are expected to actually increase.

The survey respondents also indicated that secure file transfer was the major issue they face. Among those using secure file transfer (externally or internally), the proportion indicating that their organization's security policy identifies what “sensitive data” should be exchanged has been trending upward. In addition, among those using a secure method of file transfer at least “sometimes” for exchanging sensitive data internally between remote offices, those saying they “mostly” or “always” use a secure method for internal file transfers of sensitive data increased significantly. 

Also in the annual survey, commissioned by VanDyke Software and executed by independent firm Amplitude Research, network administrators were asked to select the three most important security management issues facing their company from a list of 11 areas. Here's the list, with this year's survey response tallies compared to last year's: 

  • Securing remote access (50 percent up from 47 percent last year);
  • Keeping virus definitions up to date (42 percent compared to 45 percent);
  • Monitoring intrusions (40 percent, same as last year);
  • Secure file transfer (33 percent versus last year's 31 percent);
  • Patching systems (30 percent in 2008 compared to 42 percent);
  • Password management (27 percent versus 20 percent);
  • Network use monitoring (21 percent versus 22 percent);
  • User awareness (19 percent this year, similar to 20 percent in 2007);
  • User training (14 percent, same as last year);
  • Managing logs (12 percent compared to eight percent);
  • Replacing nonsecure protocols (11 percent compared to eight percent).

Among the issues respondents were asked about, automated patch management has declined in importance the most.

“The likely takeaway concerning the decrease in automated patch management is that existing solutions are basically working,” said Steve Birnkrant, chief executive officer and founder of Amplitude Research.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.