More than a couple of months ago, all security an network engineers, has been involved with the Heartbleed’ Bug. A huge number of applications and appliances was affected by this bug. In the immediate, everyone was rushing and checking their stuff for the bug’s presence and the available patch.
Few weeks later, the situation seems to be not that better, and there may actually be a lot more servers “bugged” because the count applies only to already verified cases.

I’m talking about this well known issue, because of this other document. You can read in it (the pagination is not quite good with some missing information in some slides), some forecast expenses for next year.

Fortunately IT expense to support business growth (expecially, IT security), is present (in almost all the forecast expense in the document), even if a real risk plan is still missing (for the most of the companies).