Companies Are Spending More and More on Cybersecurity

This article was written by Dan Clark for Corporate Counsel and can be found at:

Companies are spending more and more on their cybersecurity, according to a report released on Monday, both because of the visibility of cyberattacks and more regulation globally.

The BDO Global advisory report is the result of a survey of approximately 140 members of boards of directors from 100 publicly traded companies.

Seventy-five percent of respondents indicated that their companies have increased their investment in cybersecurity over the past year.

“The takeaway would be to look at the five-year trend,” said Greg Garrett, BDO’s head of cybersecurity. “The trend we’re seeing is increased investments year over year. Seventy to 78 percent are continually saying that their companies are increasing their investment in cybersecurity.”

But Garrett said what the survey doesn’t get into is that most companies he works with, across the board, are not spending a high enough percentage of their IT budget on cybersecurity.

“Many companies are spending far more on expanding their [network] capacity than [on] the actual threats that organizations are facing,” Garrett said.

Garrett said the percentage of the IT budget that should be spent on cybersecurity varies on the company’s industry. The most likely targets of a cyberattack, he said, include financial services, health care organizations, and government contractors. He said companies  generally are not spending nearly enough on cybersecurity.

“And often the investments [in cybersecurity] are triggered by regulatory environments rather than actual threats the organizations are facing,” Garrett said.

The report further goes on to indicate that 53 percent of respondents have a “digital transformation strategy” in place. While 34 percent of the respondents said they did not and do not plan on having one in the future. Thirteen percent of respondents indicated they do not have a digital transformation strategy, but plan on having one in the near future.

According to the report, digital transformation can be pared down to three areas: digital business, digital process and digital backbone. Digital business is focused on creating new value and revenue in the digital economy. Digital process focuses on the “operational digital re-invention by optimizing end to end process performance and improving efficiency.” Digital backbone is in reference to the foundation on which the digital initiatives are built.


This article was written by Dan Clark for Corporate Counsel and can be found at:

Leave a Reply