CIOs looking at increasing spends on cyber security: EY
Companies across sectors may increase their spending on cyber security as a percentage of the overall IT budget as they look to comply with privacy...
Companies across sectors may increase their spending on cyber security as a percentage of the overall IT budget as they look to comply with privacy laws and protect organisations against new emerging threats, says a report by consultancy firm EY.
A survey conducted by EY found 42 per cent respondents saying they are "willing to invest more than 10 per cent of their annual IT budget on cyber security".
The report highlighted that the "onslaught" of Industry 4.0 technologies such as artificial intelligence (AI), Internet of Things (IoT) and machine learning (ML) -- being considered and adopted -- are drastically increasing the attack-surface for companies.
"Additional challenges have been introduced, such as multiple platform interfacing, penetration testing, management of multiple devices, and so on. Privacy elements are baked into this entire gambit of concerns," the report said.
The respondents also took cognizance that privacy is an important compliance requirement, especially with General Data Protection Regulation (GDPR) coming into effect that includes hefty penalties.
Interestingly, 40 per cent of the respondents stated that they are still aligning their organisations and technologies to meet compliance.
The report -- which is based on responses of chief informtion officers (CIOs) across sectors -- found 61 per cent saying they have chosen privacy and security considerations as one of the biggest factors that influences their decision to invest in a disruptive technology.
These sectors include consumer products, finance, utilities, pharmaceuticals and technology among others.
"Majority of companies are still in the process of recognising the importance of implementing appropriate organisational and technical controls for data privacy and potential implications of non-compliance," the study said.
It added that inculcating a culture of privacy-by-design and security awareness will enable organisations to conduct business across and within borders with minimum ease.