“Security managers lack influence over security budgets” reports SRI

Results are based on the views of security professionals from both in-house and contract positions (predominantly those currently in a ‘security manager/director’-type role), collected via an online survey in addition to in-depth interviews.

The survey outcomes make for particularly interesting reading. 76% of those security professionals surveyed agreed that being able to influence the budget is key to delivering good security. Influence over the budget was considered important for several reasons. It’s deemed to afford status to security in discussions with other departments, in turn enabling security advice and proposals to commonly be listened to, while also helping to direct the allocation of resources using relevant expertise.

A lack of influence here means that security managers cannot purchase basic and essential resources or plan effectively, duly resulting in security decisions being made by non-security experts.

Levels of influence

Some 51% of respondents in a current security management role had a high level of influence on the budget. 10% were ‘not involved’. 46% of security managers/directors thought that their current budget was ‘insufficient’ (42% thought it was ‘sufficient’). Unsurprisingly, those with the highest levels of influence over the budget were the least likely to view it to be insufficient.

Reasons for the budget being considered less than required included the belief that the budget allocated did not reflect the risks faced and didn’t cover key areas such as training, travel, basic equipment and contingencies. Teams were understaffed, rising costs are not covered and it’s often a case of being asked to provide more for less.

The chances of being allocated an appropriate budget were improved if the security function was seen as being core to business (86% of respondents agreed on this assertion), an organisation understands its security threats and risks (85% agreed) and/or the security team has a high status (83% agreed).

Research participants highlighted a number of ways in which security managers can become influential. For example, they can relate security spend to reducing business risks and improving operations, highlight the dangers and risks in not meeting objectives, ensure the risk owner understands and accepts the implications/risks and use data to underpin the fact that arguments are evidence-based. Further, they can link physical security spend to cyber security (where the latter is is viewed as a greater priority, thereby attracting a bigger budget).

Overall, this latest SRI research underlines the importance of security professionals being able to influence the budget, so too the barriers to them being able to do so effectively.

Delivering good security

Professor Martin Gill CSyP FSyI, director of Perpetuity Research who led the study, noted: “Based on our sample, it’s striking that so many security managers do not have the desired level of influence over the security budget, and that so many consider their current budget to be inadequate, especially so given that having influence was widely considered to be key to delivering good security.”

Gill added: “In the current climate of economic uncertainty, recruitment challenges, cost of living increases and budget cuts, the advice offered by our sample should be heeded.”

The Security Research Initiative is sponsored by the security sector (buyers and suppliers) and involves an annual study. The reports are made available free of charge in order to provide a more informed information base about the workings of the security sector.

The Security Research Initiative is supported by the ADS Group, ASIS International’s UK Chapter, the British Security Industry Association, IFPO UK, the International Professional Security Association, The Security Institute and SASIG.

*Download copies of ‘The Role of Security in Influencing the Budget’ online at https://perpetuityresearch.com/category/publications/security-research-initiative/