More than half (54%) of companies plan on increasing IT security spending in 2019, according to an report released on Wednesday, and 30% of companies aim to increase spending by 10-20%. Despite the flood of new funding, the report highlights how unprepared most organizations still are for possible security threats.

One in three companies said they don’t feel ready to combat a cybersecurity threat, the report found. This lack of preparation leaves businesses vulnerable to attack, leading many large enterprises to consider spending more on IT security measures this year.

SEE: Information security policy template download (Tech Pro Research)

The enterprise also remains fearful of possible data breaches amid new privacy regulations such as GDPR, the report found. Some 97% of IT professionals said they are afraid of an Internet of Things (IoT)-based cyberattack, yet only 29% said they are actively monitoring their systems, reported our sister site ZDNet. However, companies are turning that around in 2019, the report added.

“Because data breaches occur on such a frequent basis, on the surface there seems to be a general disillusionment about the state of cybersecurity,” Sean Michael Kerner, senior security editor for, said in a press release. “Many of the findings point to the fact that more and more organizations are proactive about their cybersecurity challenges, instead of waiting for the next breach to occur.”

Network access controls (NAC), web gateways, and data loss prevention (DLP) are the three main IT security spending priorities for 2019, according to the report, displaying how security teams must balance both external and internal threats.

IT security teams have the most confidence in NAC tools, followed by DNS filtering, anti-virus technology, and web gateways, the report found. However, security professionals have the least confidence in phishing stimulation products, and breach and attack simulation tools.

To learn more about how cybersecurity should play a role in your IT budgeting, check out this article from our sister site ZDNet.

The big takeaways for tech leaders:

  • One in three organizations feel unprepared to handle a cybersecurity attack. —, 2019
  • More than half of organizations plan to increase IT security spending, especially on network access controls and web gateways. —, 2019