Security spend in IT budgets can be reduced

by CXOtoday Staff    Jun 15, 2010

According to Gartner, organizations with mature and recently updated security programs will be able to show even greater efficiencies. Security risks will not cease to exist but companies can still manage to reduce security spending by 3 to 6 percent of their overall IT budgets through 2011 if they are efficient and secure to begin with.
"The average percentage of IT spending that security will comprise in 2010 is 5 percent, down from 6 percent in 2009," said Vic Wheatman, research director at Gartner. "In 2009, in the face of a significant IT spending downturn, security spending grew slightly as a percentage of the IT budget, while many other IT spending areas were gutted. With the economic situation projected to improve in 2010, enterprises are ramping up investments in other spending areas faster than they are for IT security."
According to the Gartner analyst, enterprises continue looking for security platforms such as endpoint security, next-generation firewall, web security gateways, e-mail security gateways and multifunction firewalls for branch offices, where ever they are required.
However, clients are still looking for best-of-breed solutions — even where platforms do not make sense; such as in vulnerability assessment. In many cases, customers will seek lower-cost contracts and delivery models and are also starting to explore the use of open source tools and internal labor, or contracting for various security services.
In 2010, security spending that is more tightly tied to new business initiatives, such as complex identity and access management (IAM) and data loss prevention (DLP) projects, is beginning to reappear. According to Gartner’s 2010 CIO Survey, IAM is the top security priority for 20 percent of organizations and more than 40 percent of the organizations have named intrusion prevention systems, patch management, DLP, anti-virus and identity management among the top five security priorities for 2010. Gartner is also foresees strong spending on intrusion prevention.
North American companies led security spending in 2009, averaging 5.5 percent of IT budgets. This compares with 5 percent in Asia/Pacific, 4.8 percent in Latin America and 4.3 percent in Europe, the Middle East and Africa. Security spending also varied significantly from industry to industry and was higher for industries that are high-visibility or in regulated environments such as professional services (6.8 percent), government (5.9 percent), and banking and financial services (5.3 percent) because of requirements for the protection of lives, financial assets and intellectual property.