Forrester analyzes how CISOs in Asia Pacific plan to allocate 2021 budgets while facing more scrutiny than ever.

Cybersecurity professionals have had a challenging past 18 months. Pandemic conditions posed challenges for long-term budget planning. Work-from-home policies, disrupted business models, and drastic alterations to how firms engage with customers expanded the attack surface CISOs protect.

In a new infographic on Asia Pacific security budgets, Forrester provides some key findings about CISO priorities in during the COVID-19 pandemic, including:

  1. 39% of their IT security budget is spent on security in 2020, up from 29% in 2019
    Firms in APAC are ramping up their security investment because of new breach notification laws, increased media attention, and boards of directors taking security seriously. CISOs in the region are finding that they finally have the attention and budget they’ve always wanted.
  1. Security spending still suffers from lack of prioritization
    APAC security leaders’ budgets in 2020 were thinly spread, almost evenly across several tech areas. Firms investing more than 25% of their IT budget on security will invest more differentially in capabilities including their SOC, GRC program, and OT security programs.
  1. Security leaders at APAC enterprises would spend more on tech than staffing
    On average, 39% of their budgets would be spent on buying, upgrading, and maintaining on-premises technology solutions. In contrast, they will spend just 12% on staffing.
  1. 66% of APAC senior security decision-makers increased their IT budget for security in 2020, in spite of a global pandemic that threatened many business initiatives
    This highlights the continued priority organizations are placing on security in APAC in 2021.

In the infographic highlighted here, CISOs in the region demonstrate the people-, business-, and culture-related strategic priorities in place for 2021. This indicates security programs in APAC organizations are becoming less operational and more transformational.

Forrester believes that, as the focus on cybersecurity continues to grow in APAC, these priorities will set up CISOs in the region for success.