Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
Consolidating their organization’s tech stacks, defending budgets and reducing risk are three of the top challenges facing CISOs going into 2023. Identifying which security technologies deliver the most value and defining spending guardrails is imperative.
Forrester’s 2023 security and risk planning guide provides CISOs prescriptive guidance on which technologies to increase and defend their investments and which to consider paring back spending and investment.
Forrester recommends that CISOs fund proof of concepts in four emerging technology areas: software supply chain security, extended detection and response (XDR) and managed detection and response (MDR), attack surface management (ASM), breach and attack simulation (BAS) and privacy-preserving technologies (PPTs).
Start by benchmarking security budgets
Forrester grouped enterprises into two categories: those that spent up to 20% of their IT budget on security versus those that spent 20% or more. Compared to data from Forrester’s 2021 security survey, they found that cloud security spending grew the most in organizations that had security spending accounting for 20% or less of overall IT budgets.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
Security portfolios aren’t migrating to the cloud fast enough
Infrastructure leaders at U.S. enterprises have migrated 45% of their total application portfolio to a public cloud and anticipate 58% will have moved in the next two years. In addition, consensus estimates from several market surveys show that most enterprise security workloads are already on public cloud platforms. However, Forrester’s survey shows that security and risk management professionals surveyed are running behind on moving more security workloads to public clouds.
On-premises security software is still the largest expense in a security budget
Forrester’s analysis combined maintenance, licensing and upgrade expenses with new investments for on-premises software to track spending in this category. In organizations that spend less than 20% of their IT budgets on security, 41% invest in on-premises security software. Organizations spending over 20% of their IT budget on security spend 38% on on-premises systems.
Services are nearly 25% of all security spending
Given the complexity of integrating and getting value from internal security controls, spending on security services is growing today. Forrester fi …