WithSecure™ Pulse23

All you need to know about the latest IT and cyber security trends.



Our global market research survey asked thousands of IT professionals a series of questions about their jobs, organizations, and priorities for the upcoming year. The resulting data can be used to inform your IT and security strategies in 2023 and beyond.

Pulse23 reached 3,072 respondents (2,098 of which were from Europe) across 12 countries: the UK, France, Germany, Belgium, Netherlands, Denmark, Finland, Norway, Sweden, the US, Canada, and Japan. All respondents were security decision makers and influencers in IT, network, and cloud spaces, responsible for purchasing IT security products and services for their organizations.

To get the insights most valuable to you, use our personalization features and see data relevant to your industry, region, and company size.

Security Priorities for 2023

Our survey respondents told us their biggest business and technical priorities for the coming 12 months. The top five priorities for cybersecurity leaders are: 

Preventing data breaches.

Ensuring protection against malware and ransomware.

Ensuring security of cloud-based collaboration applications, such as Salesforce and Office 365.

Ensuring the security of an increasingly diverse pool of devices, services and software.

Preventing advanced e-mail-based threats, such as phishing or business email compromise (BEC).

WithSecure™ CISO roundtable webinar recording

We invited three leading CISOs from different industry backgrounds to join us and tackle the biggest security questions around. Get first-hand insight from the experts, as they discuss their security priorities, how to address them and what issues they expect to arise over the next 12 months. 

Our deep dive article on security priorities outlines the trends we found in our Pulse23 survey.

“The interesting point is that the options that no one chose as their priorities are the things that make the most difference when it comes to security posture; from experience, these are the competencies and practices that many organizations are missing.”

Peter Page, WithSecure, Head of Solution Consulting

Security Spend

Amid all the noise around cybersecurity, perhaps the most important issue for companies is the bottom line. Just how much are we supposed to spend on security? Is any amount enough? Does it depend on how many seats we have, our geographical location, or the type of industry we are in? Are my peers as concerned about how much they are spending – and how much of their budget are they allocating to this?

Our research threw up some interesting observations about cyber spending. The data suggests that as companies evolve their strategy, cost is becoming a less critical factor.


of respondets say their security
budget intentions will increase
in the coming 12 months.

In the coming 12 months...

Green Key

Our budget will increase by 11-15%

Green Key

Our budget will decrease

Green Key

Our budget will increase by 1-5%

Green Key

Our budget will increase by more than 15%

Green Key

Our budget will increase by 6-10%

Green Key

Our budget will neither increase nor decrease

Green Key

I don't know

Our deep-dive article on security spending is here to give you insight into how others are reacting to our ever-changing ecosystem.

“I always say you should start at an absolute minimum of 5%. Now, that is without any caveats: the more vital security is for the customer, the higher the percentage. And vice versa." 

Teemu Myllykangas, Director, B2B Product Management at WithSecure

"Companies need to decide how much security they want. They need to agree how much risk they're willing to accept, how much business disruption they can tolerate and what appetite they have for taking risk. Based on what they decide, rational security spending decisions can be made."

Paul Brucciani, Head of Product Marketing, WithSecure

Data Residency

Our 2023 Pulse survey showed that people in IT have strong opinions about where their organization’s data is stored and processed, something which can have huge privacy implications if mishandled.

The results show some interesting trends among respondents: opinions tended to differ among respondents from organizations of different sizes, as well as those working in different regions and industries.

When there is so much disagreement about the right way to handle data, how can a consensus be reached? Does an organization’s data residency policy affect its relationship with customers? More often than not, regulators and privacy campaigners are powerful influences.

Perhaps the most important question is why differences in opinion exist at all. Disagreements and misunderstandings can cause problems, particularly between IT influencers and deciders in the same organization. When it comes to privacy and protection, there is no room for error.

Where you keep the data

How important is geographic location to data processing in your role?


IT Deciders

IT Influencers

Top Management

Green Key

Data must be processed within the same country as our operations.

Green Key

Data must be processed within the same region (e.g. EU, North America, APAC) as our operations.

Green Key

It is of no importance where we process our end-customer data as long as all relevant legal and compliance requirements are met.

Green Key

We do not process data for end-customers.

Green Key

I don't know.

Read our deep dive article for more opinions on data residency.

“Data residency is something you have to consider as a company operating today. The reason being is that you might have customers who care about national security issues, and you as a start-up, for example, might have provided your software as a service product utilizing American cloud service providers. Is that something you can continue doing, can you continue to innovate at the same pace as previously, or do you have to find an alternative solution to that? That is something you need to consider.”

Alberto Koubov Gonzalez, Consultant, WithSecure 

Vendor Migration

Changing security vendor is an enormous undertaking. It is a huge time and resource investment. Despite this, our Pulse23 survey shows that more than 30% of respondents changed their vendor in the last six months, with the same proportion planning to change their vendor in the coming six months.

This indicates that a massive wave of vendor migration is underway. Why, and what will be the cost?

Green Key


Green Key


Green Key

We are considering it but have not yet decided

Green Key

I don't know

Interested in learning more?

Download the full report to get all the data from 2022 and our security experts’ recommendations for 2023.

Related content

Read more
Read more