Enterprise security teams struggle to balance budgets against demands

Businesses are increasingly moving more of their operations to the cloud and this leads to a greater focus on securing these workloads.

Cloud infrastructure security company Threat Stack has released a new report created by Vanson Bourne which shows 54 percent of businesses are worried that they will soon outgrow their security solutions.

Budgets are expected to increase by 19 percent over the next two years, but organizations are struggling with a disconnect between security and DevOps and are facing difficulties in determining where to allocate this budget in the face of rapidly evolving infrastructure.

A common complaint within organizations is that development is working contrary to security team goals. 91 percent of respondents believe the development teams introduce risk to the organization. The top three reasons for this are development needing access to things like sensitive corporate information (45 percent), personally identifiable information (40 percent) and root-level permissions (34 percent).

Almost three-quarters of respondents (74 percent) agree that the security team is under pressure to keep pace with development and operations and 63 percent of businesses believe their security team slows down the speed of their business.

Although security budgets are set to grow, more than 90 percent of respondents also report facing significant challenges related to budget allocation These include 53 percent who say it’s difficult to choose a security solution that is both scalable and within their budget. 39 percent struggle when evaluating security vendors and defining how each security element impacts business risk, and 31 percent report that different departments and areas of the business control their own security budget which makes it difficult to execute on an overall business strategy.

"Budget constraints are a constant challenge for security teams," says Jonaki Egenolf, chief marketing officer at Threat Stack. "Through the Threat Stack Cloud SecOps Program we work directly with customers to help alleviate some of that pressure by augmenting short-staffed security teams and helping maximize the value of cloud security investments. There is no one size fits all answer to cloud security which is why we provide specific, customized and
actionable recommendations designed to decrease risk without slowing down the speed of their business."

You can find out more in the full report available from the Threat Stack website.

Image credit: Norebbo/Shutterstock