Tech Chiefs Plan to Boost Cybersecurity Spending

Source: WSJ | Published on January 3, 2020

Cyberattacks pose risk to creditworthiness

Companies are pouring money into digital defenses in an effort to stem the spread of malware, which hackers are using to steal data, commit fraud and disrupt victims’ operations.

Corporate technology leaders are looking for real-time overviews of activity on their networks and deep analysis of risk. Tools that support such needs will be key investments in the coming year, said Eric Johnson, chief information officer at San Mateo, Calif.-based SVMK Inc., the parent company of online-survey software maker SurveyMonkey Inc.

“I can’t foresee [that] any company—and particularly a company with significant data requirements like SurveyMonkey—would decrease their cybersecurity spend in the foreseeable future,” he said. Mr. Johnson was one of 30 tech executives who responded via email to The Wall Street Journal’s annual end-of-year questionnaire about their cybersecurity budgets and other issues.

Across industries, average spending on cybersecurity is 5% to 8% of the overall technology budget, according to research firm Gartner Inc. In manufacturing, 2% to 4% is average, though other sectors spend much more, said Sam Olyaei, a director in research and advisory at Gartner. Financial-services firms, for example, spend 10% to 15% of their information-technology budgets on cybersecurity, he said.

International Business Machines Corp. plans to boost its 2020 cybersecurity spending by “double-digit percentage points” from the previous year, said CIO Fletcher Previn, declining to provide more details.

Tim Nall, chief information officer at Brown-Forman Corp., expects his security budget to increase by 8% to 10% in 2020 from 2019 as the company bolsters protection of data.

The Louisville, Ky.-based maker of Jack Daniel’s and other liquors has in the past year expanded its data-analytics program to projects such as pricing strategy and assessing the market for new products, including the Old Forester rye it launched in January 2019.

Brown-Forman works with about 200 external information feeds and collects data from its own business operations. To help guard it all, the company is considering whether to buy more data-loss-prevention software, Mr. Nall said. These tools detect potential breaches, looking for activity such as the movement of unusually large swaths of data.

New York-based UiPath Inc., which makes software for automating business processes, plans to increase its use of services from CrowdStrike Holdings Inc., said Ashim Gupta, UiPath’s chief financial officer and interim CIO.

CrowdStrike offers cloud-based tools to protect laptops, mobile phones and other devices. Expanding these services, in addition to funding other security initiatives, will raise UiPath’s cybersecurity spending by about 25% in 2020 from 2019, Mr. Gupta said.