IT security spending to decline of overall IT budget
By siliconindia   |   Tuesday, 15 June 2010, 15:11 IST   |    9 Comments
Printer Print Email Email
IT security spending to decline of overall IT budget
Bangalore: With security risks not going away for companies, enterprises will reduce the share of security spending by three to six percent of their overall IT budgets through 2011, according to research and analyst firm Gartner. "The average percentage of IT spending that security will comprise in 2010 is five percent, down from six percent in 2009," Vic Wheatman, Research Director at Gartner, told Mark Cox from eChannel Line. "In 2009, in the face of a significant IT spending downturn, security spending grew slightly as a percentage of the IT budget, while many other IT spending areas were gutted. With the economic situation projected to improve in 2010, enterprises are ramping up investments in other spending areas faster than they are for IT security," said Wheatman. He also said enterprises continue looking for security "platforms" such as endpoint security, next-generation firewall, Web security gateways, e-mail security gateways and multifunction firewalls for branch offices, where they make sense. Identity and Access Management (IAM) is the top security priority for 20 percent of organizations surveyed in Gartner's 2010 CIO Survey, making it the clear leader among the most-important projects. More than 40 percent of organizations named intrusion prevention systems, patch management, DLP, antivirus and identity management among the top five security priorities for 2010. In 2010, however, security spending that is more tightly tied to new business initiatives, such as IAM and data loss prevention (DLP) projects, is beginning to reappear. In addition, spending is set to continue for such priorities as supporting guest networking and employee teleworking, securing wireless LANs, meeting Payment Card Industry standards, consolidating audit trails, security information and event management, and penetration testing requirements. Gartner is also continuing to see strong spending on intrusion prevention. However, Wheatman said that clients are still looking for best-of-breed solutions, where platforms do not make sense -- such as in vulnerability assessment. In many cases, customers will seek lower-cost contracts and delivery models and are also starting to explore the use of open-source tools and internal labor, or contracting for various security services. North American companies led security spending in 2009, averaging 5.5 percent of IT budgets. This compares with 5 percent in Asia/Pacific, 4.8 percent in Latin America and 4.3 percent in Europe, the Middle East and Africa. Security spending also varied significantly from industry to industry and was typically higher for industries that are high-visibility or in regulated environments or require higher levels of risk mitigation, such as professional services (6.8 percent), government (5.9 percent), and banking and financial services (5.3 percent) because of requirements for the protection of lives, financial assets and intellectual property. "Determining how much a specific enterprise spends on information security is not an easy exercise, particularly during time of economic uncertainty," said Wheatman. "However, regardless of industry or geography, we would urge organizations to use their best efforts to evaluate enterprise spending, while recognizing that they may not be capturing all security spending because of organizationally diffused security budgets."

Votal AI: Redefining Workforce Efficiency Through Ethical AI