Wisegate released its IT Security Benchmark Report, based on a survey developed by Wisegate Members, who are senior CISOs and security practitioners, to answer the questions their peers most wanted to know. It includes a range of topics from company security posture to current security policies and procedures, InfoSec involvement in IT operations and CISO career challenges.
“By publishing the results of the first IT Security survey developed by senior professionals for senior professionals, Wisegate is helping to democratize IT information and put the collection and communication of information directly into the hands of IT practitioners,” said Sara Gates, Founder and CEO of Wisegate. “This is a long overdue transformation that will ultimately help busy IT leaders get straight answers about the most pressing issues in order to make superior decisions.”
The report was compiled from survey responses from over 100 North American senior-level security practitioners representing multiple major industry segments. To assist with the planning and security efforts of IT leaders, the report offers analysis of key factors that influence the effectiveness of security programs and provides comprehensive benchmark data security leaders need to improve security programs, demonstrate business value and gain executive support for new programs or underfunded initiatives.
“Security practitioners face significant challenges managing the growing complexity of IT security,” said David Sherry, CISO at Brown University. “By providing direct feedback from other senior security professionals, Wisegate’s Benchmark survey will provide a valuable tool to help measure the progress of my own security programs and will help me achieve executive buy-in on critical projects.”
Key findings include:
- 56% of participants gave their company a strong security posture grade
- Companies with stronger security postures have 1.5 times more processes, policies, software and systems than companies with weaker security postures
- Companies with weaker security postures report 41% less management engagement and 24% less CIO engagement than companies with stronger security postures
- As a percentage of IT budget, Banking & Financial Services spends the highest and Government spends the lowest on security at 10% and 2% respectively
- Companies with less than 1,000 employees spend 2.5 times more of the IT budget on security than companies with 20,000 or more employees
- One-third of respondents are not satisfied with their current job
- 71% of respondents say their job is stressful.
Benchmarking against similar organizations provides IT leaders with powerful tools to analyze departmental performance and gain executive management support. Since no universal standards for security programs exist, peer-based benchmarking can help chief information security officers (CISOs) and other senior security leaders tap the collective experience and intelligence of their peers.
“Often, senior IT leaders struggle to get straight answers on how others within the industry approach IT security,” said Martin Zinaich, Wisegate member and Information Security Officer for the City of Tampa. “We need trusted sources of comprehensive benchmark data to justify decisions and demonstrate the business value of IT security. Wisegate is responsive to member needs and provides access to that knowledge in an innovative and useful way.”
The complete report is available here (registration required).