THE SECURITY Research Initiative (SRI) has just published its latest report. Entitled ‘The Role of Security in Influencing the Budget’

This is an interesting report and probably the first of its kind in the industry covering this topic.  As summarised on the blog post of the report, some of the key findings were:

The aim of the research was to explore the extent to which security managers are able to influence the security budget, whether and why this matters, and how greater influence can be attained. It is based on the views of security professionals from both in-house and contract positions (predominantly those currently in a ‘security manager/director’ type role), collected via an online survey and in-depth interviews.

  • 76% agreed that being able to influence the budget is key to delivering good security.
  • Influence over the budget was considered important for several reasons including: giving status to security in discussions with other departments enabling security advice and proposals to commonly be listened to; and being able to direct the allocation of resources using relevant expertise.
  • A lack of influence meant that security managers could not: purchase basic and essential resources; plan effectively; and resulted in security decisions being made by non-security experts.
  • 51% of respondents in a current security management role had a high level of influence on the budget; 10% were ‘not involved’.
  • 46% of security managers/directors thought that their current budget was ‘insufficient’ (42% thought it was ‘sufficient’). Unsurprisingly, those with the highest levels of influence over the budget were the least likely to view it to be insufficient.
  • Reasons for the budget being considered less than required included: the budget allocated did not reflect the risks faced; and did not cover key areas such as training, travel, basic equipment, contingencies; teams were understaffed; rising costs not covered; and being asked to provide more for less.
  • The chances of being allocated an appropriate budget was improved if: the security function was seen as core to business (86% agreed); an organisation understands its security threats and risks (85% agreed); the security team has a high status (83% agreed).

Access the full rpeort by clicking the button below.

Statements on allocation of an appropriate budget, with the highest level of agreement %

(source: SRI in collaboration with Perpetuity Research & Consultancy International)