META Paints (Relatively) Rosy Security Spending Picture
While companies decreased overall IT spending by an average of just over 3% in 2002 compared to 2001, they increased expenditures for security software, according to a META Group study.
For its 2003 Worldwide IT Benchmark Report, META collects data on an ongoing basis from a panel of 25,000 IT professionals. On top of the decrease in IT spending last year, META is predicting a decrease of nearly 5% in overall IT spending for 2003.
Yet META's data shows a bump in security software spending just after Sept. 11, 2001 -- at least as a percentage of overall IT spending, if not in real dollars. In a survey taken earlier in 2001, the company found only 18% of respondents spent more than 5% of their overall IT budget on security software, the rest 5% or less. When it conducted the same survey in November 2001, META found that 33% spent more than 5% -- a substantial increase.
The most current results show security software spending has remained at a "similar" level to that of the November 2001 survey, the META report says. But the figures tell a somewhat different story, showing that only 23% of respondents spent 5% or more of their IT budget on security software -- down a full 10 percentage points from the November 2001 survey.
META has an explanation for its outlook. In the immediate aftermath of Sept. 11, security spending focused primarily on backup and recovery applications, but is now shifting to intrusion detection and other protective applications, said Christian Byrnes, META Group vice president and lead security analyst, in a prepared statement.
Dr. Howard Rubin, META Group executive vice president and author of the 2003 Worldwide IT Benchmark Report, agreed, saying in the same statement that heightened awareness of internal and external security threats will make finding budget for security "imperative."
October 08, 2002
The author of a book on network security warns that most companies aren't spending enough money to adequately protect themselves and most IT administrators are out of control of their own networks.