APAC Ahead of West in IT Security Spending

by CXOtoday Staff    Sep 05, 2008

A survey of IT security professionals in the APAC region has established that organizations in this region are spending more on security than their western counterparts.

The survey, carried out by Gartner, interviewed IT security professionals in major world-wide markets, including 156 in the APAC region (Australia (50), China (54), and India (52)). The objective was to understand the IT spending habits of organizations.

According to the survey, most organizations in the APAC region saw their IT security budgets for 2008 remain the same (45%) or increase (40%) over last year. Of the 52 organizations interviewed in India, 56% said they were spending “significantly more” or “somewhat more” in 2008 than in 2007.

Compare this to the results of a similar survey of American enterprise and SMB security decision-makers conducted recently by Forrester, and the difference becomes more pronounced.

According to the Forrester survey, only 21 % of the respondents expect to increase their IT security budgets in 2009, with security comprising only 10 % of overall IT operating budgets in 2008.

Matthew Cheung, senior research analyst at Gartner said that this reflects the difference between mature and emerging markets, which are still hungry for security solutions. “While the impact of the U.S. economic downturn had yet to be felt in APAC at the time the survey was done, investment in security technology, services, and staffing is viewed as critical and cuts in this area are not considered a result,” said Cheung.

Another reason, according to Cheung, could be the heavy concentration of SMBs in the APAC region

However, increasing security budgets may not improve an organization’s purchasing power, according to Gartner. “Growing inflation rates in the region are putting pressure on vendors’ prices. One way that you can get more for less is to consolidate spending by sourcing from fewer vendors and get discounts by spending more with fewer vendors,” said Cheung.

The Gartner survey has put the average percentage of the IT budget dedicated to security in Asia Pacific at around 15%.

Drivers of IT Security Spending in APAC

Data security is the top driver for security spending in organizations in the three countries surveyed, reflecting growing concerns about personal data privacy, especially in government, financial services and healthcare. While most of the top concerns in Asia Pacific are similar to other regions, Asian organizations ranked “lack of internal skills/resources” higher.

“There is a shortage of IT security personnel and related resources in emerging countries such as China and India, which are still premature in developing IT security measures and policies,” said Cheung.

In contrast to Western Europe and North America, government regulations and industry standards are not the primary driver for security spending in Asia Pacific. More than 30% of respondents in Asia Pacific chose “none” of the government or industry standards on the list of what is driving their IT security spending. However, 12% of respondents claimed “ISO standards” are driving security spending, reflecting the importance of quality control in countries that rely heavily on exports of products and services.

“Compliance is more important in mature markets where governments are increasingly enforcing laws and regulations,” said Cheung. “In Asia Pacific, IT security spending is driven from a business perspective rather than a regulations or standards perspective. That means businesses are paying more attention to customer needs like privacy, and critical information like financials, than to external factors. These business pressures push Asian organizations to continuously invest in IT security solutions that are crucial to their brand name, integrity, and accountability, as well as to business success in the region.”

Related links:
Spending in IT Security to Rise Further in 2008