Tuesday, 9 August 2011

Cutting costs in IT Security is a bad policy

By Robert May, Managing Director of ramsac (www.ramsac.com)

Business IT security is a perennially favourite topic of discussion. From SMEs to multi-national corporations (and even in government circles), the security of IT systems is much discussed and yet there is a feeling that maybe it is not always given the consideration it deserves. At a recent conference, CompTIA CEO Todd Thibodeaux suggested that it would be sensible to allocate 10% of a company’s IT budget to providing security, and yet the evidence suggests that in reality this is often not the case. For example, a Gartner survey recently found that the industry average spend on IT security is only about five percent. Perhaps even more startling is a report by the Ponemon Institute, Cenzic and Barracuda Networks which found that 88% of companies surveyed indicate they spend more on coffee than they do on securing Web applications!

No comments: