Battle Tendency

Most relevant IT investments in 2019

solution Battle Tendency

October 25, 2019

In our last article, we talked about cybersecurity risks that may be present in the most popular IT technology currently in use. Although we mentioned some of these in the second part of our previous blog this time our topic will be slightly different. We will focus on the main IT investments for 2019 and the expected changes and trends for upcoming years. We will discuss about the budget allocation regarding IT, as well as the factors that lead companies to invest, or increase the investments in technology.

Budget Growth

In recent years IT’s increasing relevance has been reflected in the increase in IT budgets. According to Spiceworks, in its State of IT report [1], by 2020 44% of companies surveyed will have increased, and plan to keep increasing, their technology budgets in upcoming years. Reasons to increase IT budgets are diverse, however, the most common factor concerning most companies is their need to replace outdated technology in order to remain competitive within their market. Relevant factors are:

Top factors leading to IT budget increases in 2020

Figure 1. Top factors leading to IT budget increases in 2020. Source: [1].

Company size must always be taken into account when discussing technology and money. The larger the company, the higher the budget dedicated to IT, as we see in the following comparative table [2]:

Comparative Table

Figure 2. IT Budget Comparison of different companies size. Source: [2].

However, a large investment in IT does not necessarily translate into improved security. A smart investment is frequently better and more profitable. Focusing on proprietary tools that do not solve the root causes of issues can mask real security risks and may promise solutions to nonexistent problems. A better course of action is to focus on real solutions.

As was previously mentioned, the most common reason companies invest in new technology is to replace old technology and thus remain competitive, but security also plays an important role in this field, since it is the second most relevant reason companies invest in IT.


"One in four enterprises (1,000+ employees) are increasing 2020 IT spend due to a recent security incident."

Companies seem to learn the hard way. It often takes a security breach for a company to increase or even define appropriate security policies regarding IT. Again, a higher investment does not guarantee a company’s resources will be protected. Investments must be balanced with good security practices and procedures to address worst-case scenarios, guaranteeing the safest and best use of every resource. With this in mind, we created Criteria, a summary of security practices and recommendations based on international security standards primarily in software, but also taking into consideration hardware and physical security measures. Check it out, it is free, and I am sure you will agree that enhancing the security policies of your company should be a top priority.

So, Where is all this budget going?

Now that we’ve clarified that companies are interested in improving their technology and that there is budgetary support for these changes, we should identify where allocated budgets are going. Of course, it depends on a company’s long-term vision, as well as its size, but we can search for some patterns if we take a look at the budget allocation trends projected for IT in 2020:

Budget IT Allocation in 2020

Figure 3. IT budget allocation in 2020. Source [1].

Spiceworks' [1] research surveyed 1,005 European and North American companies. They found that in 2020, companies' main investment interests are projected to be in hardware, software, and cloud-based services. So let’s take a look at the results and form our own conclusions.

What grabs our attention is the IT technology that companies are most interested in acquiring. This technology is likely to become the industry trend in the upcoming years. Spiceworks can help us again to form a more complete picture of what hot topics will be trending in the technology field:

Adoption of technology trends according to Spiceworks

Figure 4. Adoption of technology trends according to Spiceworks. Source: [1].

We can also take a glance at the KPMG report [2] which offers us a similar panorama for IT investments in 740 technology companies from 12 countries:

Investment Rankings according to KPMG

Figure 5. Investment Rankings in 2019 according to KPMG. Source: [2].

Now we see some patterns emerging. Internet of Things (IoT), IT automation, Artificial intelligence, Virtual reality, and Blockchain technology are the most adopted technology for several companies. Some other trends, such as serverless computing, container technology, and hyperconverged infrastructure, are all technologies that we often use at Fluid Attacks. We are dabbling in artificial intelligence in a cybersecurity approach for vulnerabilities classification, and we already asserts the vulnerabilities closures on our customers' pipelines (CI/CD) with our continuous hacking service. We are aware of the potential of some of these techniques, not only for cybersecurity and overall hardening but also for development and operations. In the near future, we hope to implement some of these in our products.


Technology is constantly evolving, whether we are ready or not. It is futile for a company to fight against trends. Embrace them and adapt to them because these changes make our work easier. Technology companies with outdated hardware, software, infrastructure or policies are destined to fail in the long term. Increasing awareness of current and emerging technology is a must to ensure a company’s competitiveness in an everchanging market.



Subscribe to our blog

Sign up for Fluid Attacks’ weekly newsletter.

Recommended blog posts

You might be interested in the following related posts.

Photo by Saketh Upadhya on Unsplash

Get an overview of vulnerability assessment

Photo by Anchor Lee on Unsplash

Benefits of continuous over point-in-time pentesting

Photo by Nik Shuliahin on Unsplash

For which security standards is pentesting a must-have?

Photo by Thomas Griggs on Unsplash

Pentesting is a system-agnostic approach to security

Photo by sebastiaan stam on Unsplash

Injecting JS into one site is harmful, into all, lethal

Photo by Dmitry Ratushny on Unsplash

Differences between these security testing approaches

Photo by Kostiantyn Li on Unsplash

Our CLI is an approved AST tool to secure cloud apps

Photo by Jeff Lemond on Unsplash

How BAS solutions work, their importance and benefits

Start your 21-day free trial

Discover benefits of our Continuous Hacking solution, which hundreds of organizations are already enjoying.

Start your 21-day free trial