Financial firms devote 10% of IT budgets to cybersecurity: SurveyPosted On: May. 3, 2019 10:39 AM CST
Financial institutions spend an average of 10% of their information technology budgets on cybersecurity, or about 0.3% of their total revenues, says a survey.
The average spending per employee is about $2,300, said the survey of 97 companies, which was conducted online in fall 2018 by the San Diego-based Financial Services Information Sharing and Analysis Center in conjunction with the cyber risk services practice of New York-based Deloitte Touche Tohmatsu Ltd.
The survey, Pursuing Cybersecurity Maturity at Financial Institutions, was issued Wednesday.
Survey participants included banks, insurers, investment management firms and other financial services companies.
The survey said the defining characteristics of organizations that have achieved cybersecurity’s highest maturity level, as defined by the Gaithersburg, Maryland-based National Institute of Standards and Technology were: securing the involvement of top executives and the board; raising cybersecurity awareness within the organization beyond the IT department; and aligning cybersecurity efforts more closely with the company’s business strategy.
The report said higher cybersecurity spending “did not necessarily translate into a higher maturity level.”
“That likely means exactly how — and how well — financial institutions go about securing their digital fortress is at least as important as the amount of money devoted to cybersecurity,” the report said.