IBM study of 138 security executives finds more emphasis on risk management. Security is not an ad hoc topic, but rather a regular part of business discussions. 60% of advanced organizations named security as a regular boardroom topic, compared to only 22% of the least advanced organizations. Nearly two-thirds of respondents expect information security spend to increase over the next two years and of those, 87% expect double-digit increases. Leading organizations are twice as likely to use metrics to monitor progress, the study showed.”]