With 90% of cybersecurity and risk leaders predicting they will see budget increases in 2025, many are facing a new era of accountability, as boards want to see strong returns on cybersecurity investments.
That’s a difficult expectation to meet, given that 35.9% of the typical CISO’s budget goes to software. Knowing whether, how, when and under what conditions a particular investment in cybersecurity software delivers a return on investment, based on specific numbers, is not easy, and such numbers are difficult to prove.
However, clear budget gains are there. They start with automating the security operations center (SOC) workflows that overwhelm analysts with too many conflicting alerts. Automating your endpoint detection and response system is a good place to start, with the goal of reducing alert fatigue in SOCs so analysts can focus on more complex threats and intrusion attempts. Another is to automate patch management. IT managers need to move beyond trying to get it done manually with extended teams, and automate it using the latest AI and machine learning-based platforms specifically designed to optimize network-level patch management.
Forrester’s “2025 Budget Planning Guide: Security and Risk” provides insight into why CISOs are seen preserving their budgets when other areas of the organization are seeing layoffs, budget cuts, and, in some cases, new programs being put on hold or canceled altogether. (Note, however, that cybersecurity budgets are, on average, just 5.7% of annual spending on information technology.)
Gartner’s latest forecast update (Q4 2024) for end-user spending on information security reflects the flexibility of CISOs’ budgets in aggregate. These budgets are expected to grow from $184 billion in 2024 to $294 billion in 2028, and Gartner expects the market to grow at a compound annual growth rate of 12.43% over four years. Security software is expected to be the fastest-growing sector, consistent with Forrester’s recent findings on CISO spending benchmarks. Gartner expects security software spending to grow from $59.9 billion in 2022 to $134.3 billion in 2028, a compound annual growth rate of 14.4%.

The 10 fastest-growing market segments outperform the overall market by a slim margin, at 12.63%, with cloud security being the fastest-growing segment, expected to achieve a CAGR of 25.87% from 2024 to 2028.

2025 is shaping up to be the year of financial accountability for CISOs
Stephanie Balaouras, Forrester’s vice president and group director, said in a recent webinar, “When you think about artificial intelligence, when you think about some of the new threats that we’re looking at, when you think about post-quantum cryptography, (and) the concerns about that, we’re at that tipping point.” Gartner predicts that by 2028, 22% of cyber attacks and data leaks will involve generative artificial intelligence.
Boards don’t stop there. While they fund these tipping-point realities by approving and, in some cases, increasing security budgets, they are more focused on limiting technology proliferation and the exorbitant licensing fees needed to keep the technology running. Whether boards approve budgets to improve compliance, reduce AI risks, and reduce technology proliferation hinges on how CIOs and their teams perform this year.
Reading between the lines of Forrester’s budget report, we can see that chief information security officers have entered a new era of accountability.
How CISOs optimize cybersecurity spending for maximum impact
Cloud infrastructure, data and software are where CIOs are prioritizing their budgets through 2025, with data-related investments expected to have the biggest impact.
Forrester sees the increasing adoption of AI and generative AI driving required infrastructure upgrades. “Any AGI project we discuss with customers eventually becomes a data integration project,” says Pascal Matzke, vice president and director of research at Forrester.
“You have to invest in specific capabilities and platforms that run specific AI workloads in the most appropriate infrastructure at the right price point, as well as incentivize investments in cloud-native technologies like Kubernetes, containers, and modern data platforms that are already in place to help,” Matzke continued. “You are eliminating some of the friction that exists within different business silos.”

Security and risk leaders expect the most significant changes in their budgets next year will be in cloud security, investment in new security technology to run on-premises, and security awareness and training initiatives. Each of these areas is expected to see an increase of 10% or more in 2025 budgets.

Revenue protection is key to holding CISOs accountable
One of the most important takeaways from Forrester’s Cybersecurity Planning Guide is how important it is for IT managers to take responsibility for protecting revenue if they want to have a chance at implementing the guide’s recommendations. VentureBeat continues to see that successful CIOs know how to lead their teams to support and protect revenue, and are often included in board-level discussions and report to the CEO.
IT managers who drive gains in revenue advance their careers. “When something touches as much revenue as cybersecurity, that’s a core competency,” said Jeff Pollard, vice president and principal analyst at Forrester, during his keynote titled “Cybersecurity Drives Revenue: How to Win Every Budget Battle” at the company’s Security and Risk Forum in 2022. “You can’t say that’s not the case.”
The budgeting process for revenue protection must begin with the weakest and most vulnerable areas. These include software supply chain security, API security, human risk management, and IoT/OT threat detection. Software supply chains are under siege, with 91% of organizations falling victim to security incidents within just one year, underscoring the need for better safeguards for their continuous integration/continuous deployment (CI/CD) pipelines.
Open source libraries, third-party development tools, and legacy APIs that were created years ago are just a few of the threat vectors that make software supply chains and APIs more vulnerable. Ongoing attacks on widely distributed open source components, including the Log4j vulnerability, are driving significant investment in software supply chain security.
Where CISOs plan to invest in new technologies
Forrester advises IT managers to consider investing in four new technology areas, briefly outlined below:
Exposure management and cyber risk measurement: As organizations begin to build more of their AI-based applications internally and expand into development, cloud, and IoT applications, vulnerability risk management (VRM) and attack surface management (ASM) are becoming mission critical. CrowdStrike calls this Falcon Exposure Management, while Trend Micro and others call it attack surface management. Combined with cyber risk quantification (CRQ) capabilities, these solutions help security leaders know which fixes lead to the most significant risk reduction. George Kurtz, CEO and founder of CrowdStrike, told VentureBeat in an interview: “One area that we’ve really been pioneering is that we can pick up weak signals from different endpoints. And we can correlate them together to find new discoveries. We’re now expanding that to include our external partners so we can look at weak signals. The other is not just across endpoints but across domains and making a new discovery.”
Post-quantum security and agility in cryptography: “Q-Day,” when quantum computers can break current RSA and elliptic curve encryption, is still many years away by many estimates. But this does not prevent companies from investing in new technologies to confront this threat today. Forrester advises prioritizing data discovery and acquisition audits, especially for financial services companies and government agencies.
Security data lakes: High-profile acquisitions and mergers in the industry, including Cisco buying Splunk, LogRhythm merging with Exabeam, and IBM selling QRadar SaaS to Palo Alto Networks, signal that this is an area every CISO should pay attention to, given the ongoing innovations and potential cost savings. VentureBeat found that organizations are increasingly evaluating security data lakes, such as Amazon Security Lake, Snowflake and Google BigQuery, as security data storage solutions without the high cost of traditional SIEM platforms. However, Forrester warns that SIEM platforms face the challenge of rapid economic integration. Look for security providers that offer ready-made integrations with leading data lakes. Cisco, CrowdStrike, Ivanti, Zscaler and others provide hooks to ingest, analyze, or automate data workflows into third-party lakes.
AI and machine learning security: “It’s hard to go out and do something if AI is seen as a core tool; you have to think about it (separately),” Jeetu Patel, executive vice president and general manager of Security and Collaboration at Cisco, told VentureBeat, citing findings from the Cisco Cybersecurity Readiness Index 2024. “The word used here is to use AI natively in your core infrastructure.” This is solid advice for any CISO advocating for a budget that includes AI and machine learning applications and components. VentureBeat continues to see platforms built with AI at their core as the most effective against multi-domain hack attempts. “It’s also important to note that a lot of organizations are implementing their own AI, so what we’re really looking at from a next-gen threat perspective is AI workloads,” Adam Meyers, senior vice president of intelligence at CrowdStrike, told VentureBeat during a recent press conference. “Because every organization in the world, I imagine, in the next couple of years, will be running their own AI. We need to protect those AI workloads as well.”
IT managers need to think ahead about how best to protect the data, infrastructure, application support, and workloads required to deploy enterprise-level AI and generative AI securely.
CIOs and IT managers need to join forces in 2025 to achieve ROI
Alignment between CISO and CIO will be critical in 2025. This collaboration is essential to excel in business insurance. Bob Grazioli, CIO at Ivanti, advised CIOs during a recent interview with VentureBeat that “CEOs need to unify resources — budgets, staff, data, and technology — to strengthen the organization’s security posture. One of the key priorities for CIOs in the year ahead will be ensuring C-suite members leverage AI-driven insights to drive business outcomes, not just technical outcomes.”
“However, investments in AI are undermined by a lack of access to data and visibility,” Grazioli continued. To address this problem, data silos between departments such as (those supervised by) the CTO and the CTO should be removed. AI has the potential to become a central source of information, significantly reducing the workloads of IT staff and providing security through a comprehensive view of an organization’s risk landscape. Achieving this level of visibility increases the likelihood that IT managers will be able to achieve the results they are trying to achieve.