Five truths have emerged from five years of the "Global State of Information Security" survey. After five years of conducting the “Global State of Information Security” survey, we have noted some critical trends in information security. We’ve also uncovered nontrends—numbers that remain so constant and predictable that we can now call them conventional wisdom. Here, then, are five pieces of wisdom based on numbers in the survey that never seem to change. Spending lags. You’re always about 10 percent happier with security policy’s alignment with the business than you are with security spending’s alignment. Over the years, roughly 85 percent of you have said that your security policies are completely or somewhat aligned with the business, while just 75 percent said that about spending. After all, who doesn’t want more money? Also see SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe The Fifth Annual Global State of Information Security Partners too. You’re more confident in your own security than that of your partners, suppliers and vendors. Once again, around 80 percent to 85 percent of you were either very or somewhat confident in your security, but when you were asked about partners and vendors, the number dropped to between 70 percent and 75 percent. Remember, you’re someone’s partner and he’s not too thrilled about you either.Few are cocky. About one in 12 of you think very highly of yourselves. Since 2003, the number of respondents who claimed 100 percent of their users were in compliance with their security policies hovers around 8 percent. Size doesn’t matter. Company size does not affect spending. When the information security budget is measured as a percentage of the IT budget, it remains constant no matter how many employees a company has or what its revenues are. Size of company matters less in security spending than in industry. Technology companies spend the most; nonprofits and educational enterprises spend the least.Banks lead. Financial services companies are attacked more but suffer less. Over the years, respondents in the money business have reported more security incidents without an appreciable increase in losses or downtime as a result. They do this despite not having significantly larger security budgets than others. The financial sector models best practices. Related content opinion The changing face of cybersecurity threats in 2023 Cybersecurity has always been a cat-and-mouse game, but the mice keep getting bigger and are becoming increasingly harder to hunt. By Dipti Parmar Sep 29, 2023 8 mins Cybercrime Security brandpost Should finance organizations bank on Generative AI? Finance and banking organizations are looking at generative AI to support employees and customers across a range of text and numerically-based use cases. By Jay Limbasiya, Global AI, Analytics, & Data Management Business Development, Unstructured Data Solutions, Dell Technologies Sep 29, 2023 5 mins Artificial Intelligence brandpost Embrace the Generative AI revolution: a guide to integrating Generative AI into your operations The CTO of SAP shares his experiences and learnings to provide actionable insights on navigating the GenAI revolution. By Juergen Mueller Sep 29, 2023 4 mins Artificial Intelligence feature 10 most in-demand generative AI skills Gen AI is booming, and companies are scrambling to fill skills gaps by hiring freelancers to make the most of the technology. These are the 10 most sought-after generative AI skills on the market right now. By Sarah K. White Sep 29, 2023 8 mins Hiring Generative AI IT Skills Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe