Here is a look at three reasons that are bringing the change
There was a time, not too long ago, when security was viewed as insurance, and investments were hard to come by. However, the rapidly changing business dynamics and increasing data breaches have compelled enterprises to make a strategic shift in their approach towards security.
The change is clearly visible in budget allocations. While security spending in enterprises has traditionally seen an incremental annual growth of 2 percent, it is expected to increase by 8.4 percent in 2015, according to Morgan Stanley.
There are three principal reasons for this.
Firstly, confronting an onslaught from a series of next-generation threats (DDoS, APT, Ransomware etc), has forced organizations to deploy enhanced security solutions.
“An attack on a corporate not only leads to huge financial losses but also puts its credibility at stake. This has made corporates accord high importance to security,” avers Yatin Bhatia, SGM – Technology & Content Head at Aptech.
“We need to invest in security as if we are purchasing oxygen to survive in the digital atmosphere we have created around us,” he says.
Secondly, a strong push from the client side is also forcing businesses to change their views about information security. Customers are increasingly want companies to invest in certifications such as ISO 27001:2013, PCI DSS, HIPAA etc.
Ashutosh Namdas, Corporate Security & Compliance Specialist at eGain Corporation, points out, “Today if anyone wants to be in business, they have to meet the customer and regulator requirements to become compliant. Businesses are therefore serious about the data security. They know that if they want to be in race and win the customers’ trust, they have to invest on security.” By implementing proper security controls, the business also ensures less downtime in the production environment. Thirdly, the evolution of the IT industry itself has warranted a focus on information security.
“In today's world, there are various platforms like IaaS, PaaS, SaaS or overall BPaaS which have accelerated the need for seamless, robust and simple to deploy overall security solution. The security services vendors have also taken a leap forward on this path and are providing competitive solutions which are easy to deploy, cost effective, available on pay-as-you-go model and are simple to understand and deploy,” says Bansal who also handles IT Infrastructure Delivery Management, Program Management and IT Governance at Genpact,” says Ashish Bansal, AVP-IT, Genpact.
Corporates have no doubt realized the importance of information security in business growth. However, there is still an area of concern. According to Wells Fargo, of the total IT budget, the fraction spent on security is a meager 5 percent. The share may be rising but so are the threat levels. Whether the scale of investments is adequate or not continues to be debatable.