Optiv has published its 2024 Threat and Risk Management Report, exploring how organizations are maintaining pace with the evolving threat landscape. Specifically, the report examines the efforts of organizations in terms of cybersecurity investments and governance priorities. For instance, among organizations with more than 5,000 employers, 63% allocated an average of $26 million toward cybersecurity investments in 2024. 

The top three investments made among organizations include acquiring additional cybersecurity tools (51%), investing in identity and access management programs (58%) and investing in internal security assessments (60%). Yet, only 36% of respondents claim to have a formal approach to establishing cybersecurity budgets, potentially leading to missed opportunities in addressing security gaps. 

The report suggests that the increased cybersecurity budgets may be caused by a rise in security incidents. 61% of respondents reported experiencing a cybersecurity event within the past two years, and 55% reported experiencing four or more incidents. 

As organizations invest more in cyber technology, 40% of respondents say their organization has too many technologies, thus decreasing overall effectiveness. 29% believe that they have the right amount of tools. The report emphasizes the importance of approaching cyber budgeting with a strategic plan.