Penny-pinching UK firms sacrifice information security spending

Less than a third planning to increase IT security spending

Only 31 per cent of UK firms plan to increase security spending

UK companies plan to spend less on securing vital corporate information than their international competitors, despite growing C-level recognition of the importance of information security.

According to a new survey bt PricewaterhouseCoopers (PwC), less than a third of UK-based firms plan to increase IT security spending next year (31 per cent), compared with an international average of 52 per cent.

Despite the stringent spending restrictions, the importance of a strategic approach to information security was increasingly understood at the most senior levels, thanks to high-profile incidents such as the one that led to Zurich Insurance being fined £2.3m by the Financial Services Authority, said William Beer, director of PwC’s OneSecurity practice.

“The UK spending plans simply reflect the overall pessimism about the economy,” he said.

The belt-tightening under way in the UK is forcing companies to re-evaluate how all aspects of their security strategy – people, process and technology – are aligned with the business strategy, said Beer.

“Firms are also evaluating whether the chief information security officer should report in to the CIO, the CFO or whether information security was so critical that they should report directly to the board,” Beer added.

PwC surveyed more than 13,000 C-level executives from across the globe.