According to Gartner, total global IT spending is expected to reach $5.1 trillion in 2024, an 8% increase from 2023. While GenAI has yet to have a material impact on IT spending, investments in AI more broadly are supporting growth in overall IT spending.
In this article, you will find excerpts from our cybersecurity budget survey covering 2023, findings that will enable your company to develop a more effective cybersecurity strategy.
Most cybersecurity investments don’t leverage their strengths
Even as budgets continue to increase, cost optimization remains a top priority for IT and security decision-makers worldwide, with 87% of respondents prioritizing strengthening cloud infrastructure and 85% prioritizing optimizing IT costs in the next 12 months.
AI-related security concerns drive IT spending in 2024
According to Gartner, total global IT spending is expected to reach $5.1 trillion in 2024, an 8% increase from 2023. While GenAI has yet to have a material impact on IT spending, investments in AI more broadly are supporting growth in overall IT spending.
20% of CISOs missed out on salary increase opportunities
The most recent average increase in CISO total compensation was 11%, down from 14% the year before. This year, 20% of CISOs did not receive a raise, double the number a year ago, while the share of CISOs with higher retention bonuses and equity compensation also fell to 12% (from 21%) and 8% (from 24%), respectively. .
Cybersecurity budget grows modestly
While security budgets are growing at a slower rate, the security budget as a share of IT budget is trending upward, suggesting that the impact of security budget on security spending is modest compared to IT spending. Since 2020, security spending has increased from 8.6% to 11.6% of IT spending, with technology companies reporting the largest share of spending at 19%.
Cloud service inefficiency drains IT budgets
52% of IT professionals admit that their companies waste a lot of IT spending due to inefficiencies in cloud platforms and services. In fact, 73% of IT respondents reported that their cloud investments resulted in higher than expected IT costs in the past 12 months, a 28% increase compared to 2021 data.
Despite rising internal risk costs, budgets are being wasted in the wrong places
Despite the rising cost of internal risk, 88% of companies spend less than 10% of their total IT security budget on internal risk management. Companies’ IT security budget is $2,437 per employee, but only 8.2% (equivalent to employees) is allocated exclusively to internal risk programs and policies.
Economic fluctuations drive businesses to MSP
32% of respondents said achieving business growth is the most important budget driver, 29% cited replacing outdated IT infrastructure, and 28% cited security incidents or issues.
Increased spending does not translate into improved cybersecurity posture
While cybersecurity budgets will increase by an average of 29% in 2023, respondents said they would need a further 40% increase to be confident in their ability to mitigate security risks, and with that money, more than half would pay to hire More security experts, followed by investments in security awareness training (50%) and upskilling security teams (44%).
Factors affecting IT security spending
The study found that only 38% of executives said the looming economic recession will have a significant impact on their IT security spending this year. Conversely, 48% of respondents said their growing distributed workforce will have a significant impact, followed by This is followed by supply chain issues (46%).
CIO prioritizes new technology over technology stack optimization
48% of CIOs are more likely to prioritize innovating new technologies rather than optimizing existing technology stacks. The stakes are high, with 60% of CIOs reporting that freezing investment in innovation would impact their business immediately or within weeks, including business automation, business model transformation, data analytics and environmental, social and governance initiatives.
Budget constraints and burnout prompt businesses to outsource cybersecurity
In 2023, 63% of U.S. cybersecurity professionals have seen their budgets cut, compared with only 28% of their counterparts in Europe, the Middle East, and Africa. To further adapt to tighter budgets, companies in the United States (67%) and Europe, the Middle East and Africa (61%) will slow down hiring this year.