Deloitte and the Financial Services Information Sharing and Analysis Center surveyed respondents at 97 large and midsize financial services companies and found that an average of 10% of IT budget is spent on cybersecurity, translating to approximately 0.2% – 0.9% of company revenue. At larger firms, nearly one-fifth of cybersecurity budget is allocated to identity and access management, which is almost twice the percentage of midsize and smaller companies.
The report also analyzed the various components of companies’ cybersecurity operations and found that the most successful cybersecurity programs share the following traits:
- Setting a tone at the top of the organization with both executives and the board
- Raising cybersecurity’s profile beyond the IT department
- Aligning cybersecurity efforts with the company’s business strategy
We thank Deloitte for sharing these survey results with our audience.