Last week, we explored the gap between reality and perception as it pertains to the stage of cybersecurity (e.g. detection, recovery) companies invest in most. Today, we’re examining cybersecurity IT spending – namely, where companies are currently investing their money and where they should actually invest.

The Ponemon Institute’s report on the cost of cyber-crime asked organizations to quantify the percentage of their dedicated IT budget that they allocated to cybersecurity protection in each of six different “layers”:

  • Network layer 
  • Application layer 
  • Data layer 
  • Human layer 
  • Physical layer 
  • Host layer

Given that attacks are coming from all directions – whether it’s an inside job, multinational hackers on the Dark Web, or somewhere in between – you would think that most companies would split their IT spend evenly across the six layers. That’s the perception many companies give when they discuss their “holistic and comprehensive cybersecurity strategy”, after all.  


However, just as we saw last week, the perception isn’t lining up with reality.  

The research found that 30 percent of budgeted IT spending is on the network layer, with the next highest percentages of funding in the application and data layers (19 percent each). The host layer comes in last, only receiving 8 percent of funding.  

This blog isn’t a technical deep dive into each of the layers. However, if you look at the types of cyber-attacks experienced by these companies, you’ll quickly see that IT spending isn’t allocated properly. For example, 35 percent of companies surveyed by Ponemon reported cyber-attacks via malicious insiders and 45 percent said that devices were stolen. Considering only 13 percent of IT spending is on the human layer and 11 percent is allocated to the physical layer, it is evident why there’s such a high percentage of these attacks: The funding to stop them is too low.  

On the bright side, it’s good that many companies recognize they shouldn’t be spending all of their money on one layer. Cybersecurity IT spending, though, is much like diversifying an investment portfolio: If you fail to rebalance your portfolio on a regular basis, it can have a negative effect on your overall returns.   

Back to cybersecurity: Maybe network attacks were popular last year, but now attackers will move on and try to attack the host layer. If your funding at the host layer is pitifully low, you’re opening yourself up to attack.

A multi-pronged approach to cybersecurity will benefit you, as equal defense across all of your layers ensures there’s no soft spot that will leak information assets like a sieve. The more layers of security that exist, the better your chances are of not only preventing breaches, but also quickly identifying and stopping unauthorized access before data is extracted.

It can be hard to determine how to protect all of your IT layers. We can help. Visit our website today to learn how we protect your assets with hardened security implemented at every layer, from hardware to application.  

Written by Rob LaMear, CEO, US Cyber Vault
