Newly released Security Priorities research outlines the current structure of the security organization, upcoming investment plans and the priorities driving them
Boston, MA, October 23, 2024 – CSO, the leading source for breaking news, analysis, and research on security and risk management, today released the 2024 Security Priorities Study. Now in its eighth year, the study provides valuable insights into security department trends, including increasing investment in AI-enabled security technologies, the evolving role of security leaders within the c-suite and Boards of Directors, and the growing complexity and challenges that hinder security goal achievement.
As security incidents rise globally, security leaders face increasing responsibilities and complexities. They are tasked with researching, learning, and implementing numerous solutions to safeguard their organizations, while also managing the vast amounts of data these tools generate. Notably, three-quarters (75%) of security decision-makers report that determining which tools and solutions are the best fit for their company is becoming more complex, up from 69% last year. This growing complexity may be contributing to uncertainty, as one-third of security leaders were unsure of the causes behind their organization’s data security incidents in the past 12 months.
Explore the 2024 Security Priorities for a deeper understanding of how security leaders plan to tackle these challenges.
Security investment plans driven by focused priorities
Given the constant lingering threat of cyberattacks and the strong focus on cybersecurity awareness, it is no surprise that security budgets are expected to either increase (43%) or remain the same (55%) over the next 12 months. Security budget expectations vary by company size, with 52% of enterprise organizations (those with 1,000 or more employees) anticipating an increase. compared to 35% of SMBs (those with less than 1,000 employees). Meanwhile, a majority of SMB security decision-makers (63%) anticipate that their budget will remain the same compared to 46% of enterprise organizations.
With steady or growing budget, security leaders aim to strengthen the protection of confidential and sensitive data, upgrade IT and data security to enhance corporate resilience, secure cloud environments, improve security awareness through end-user training, and streamline security infrastructure. However, many security decision-makers may need to outsource certain functions or rely on vendors for additional support, as competing priorities are the second most significant challenge to achieving their security goals.
Strong leadership required to push security initiatives
Businesses are increasingly recognizing the critical role that trusted and experienced security leaders play in driving successful, sustainable initiatives. The majority of organizations surveyed (67%) have a dedicated security executive, whether it be a top security executive, CSO, or CISO. notably, the presence of CISOs rose five percentage points to 46% this year, while CSOs increased from 20% to 29% this year. Meanwhile, the number of organizations with a top security executive without a chief title decreased from 14% to 7% this year, signaling that security leaders are gaining a more prominent role within the c-suite.
The Board of Directors are also becoming more involved in security matters. This year’s research reveals that 51% of security executives have a direct reporting line to the CEO, and more than a quarter (28%) say that they report directly to the Board. Engagement with the Board is on the rise, with nearly two-thirds (63%) of security leaders reporting interactions at least once a month, up significantly from 48% last year. Most notably, the number of executives meeting with the Board multiple times a month increased from 26% to 39% this year, while quarterly meetings dropped from 30% to 21%.
Embracing AI-enabled security tools
When it comes to AI-enabled security technologies, only 13% of survey respondents expressed no interest. The majority are actively exploring these tools with 39% conducting research, 23% piloting, and 25% having already implemented or upgraded them. End users are reaping the benefits, including reduced employee workload, faster threat remediation, and quicker identification of unknown threats. The proportion of organizations realizing benefits from AI-enabled security tools surged from 72% last year to 98% this year.
These findings indicate a strong opportunity for AI-enabled security vendors. Security leaders are eager to capitalize on AI benefits, but need proper tools and guidance from both existing and potential new vendors to ensure AI success. In evaluating AI-enabled security solutions, decision-makers consider factors such as business value, security incident record and reputation, cost, and product innovation.
Heading into 2025, it’s vital for security providers to consider their AI offerings. If their AI-enabled solution is still sitting on the product roadmap, they must focus on building trust and brand awareness while providing clear, detailed product information on features and business value. For providers that have AI already integrated into their security solution offering, it’s essential that they ensure their technology is secure, easy to integrate, and adds measurable value without increasing complexity for customers.
To learn more about this year’s Security Priorities research, please download the executive summary here. Explore how you can connect with Foundry’s security audience and engage with them at our upcoming industry events.
About the 2024 Security Priorities Study
The 2024 Security Priorities Report analyzed data from a CSO online questionnaire given to 870 security professionals. All respondents are involved in IT and/or corporate IT and physical security decision-making, with 76% having an executive, IT or security title. Respondents represent companies primarily in North America (46%), with some in the Asia-Pacific region (35%) and in Europe (15%). These companies come from a variety of industries, including technology, manufacturing, financial services, professional services, healthcare, government, education and retail. The average company has 12,328 employees.
About CSO
CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks. With incisive content that addresses all security disciplines, from risk management to network defense to fraud and data loss prevention, CSO offers unparalleled depth and insight to support key decisions and investments for IT security professionals. www.csoonline.com
About Foundry, an IDG Inc. company
Foundry has played a key role in every major milestone, announcement, and development in modern technology since 1964. We engage and activate the world’s most influential tech buyers and early adopters via the award-winning journalism and trusted media brands they’ve turned to for decades. Our integrated ecosystem of owned and operated editorial sites, awards, events, and tech communities is engineered to enable global audience activation through innovative marketing campaigns. Backed by robust audience insights and data from across our network, Foundry sets the standard for delivering business results to help companies grow.
With 38 offices in markets around the globe, Foundry is a wholly owned subsidiary of International Data Group, Inc. (IDG), the world’s leading tech media, data, research and marketing services company.
