Research Shows Security Spending Planned
New research shows that major corporations are viewing security as a strategic resource and making it a spending priority.
About half the 175 IT managers interviewed, from companies including Citigroup, AT&T, Cargill, MasterCard and Time Warner, said they plan to increase security spending over the next year.
Hot product areas included security appliances, with 79 percent saying they would deploy them over the next 12 months. Of those currently using appliances, 47 percent plan to increase spending.
Investments in enterprise security infrastructure also are being planned, as companies expand their security focus beyond perimeter protections.
Over 90 percent of respondents cited the rapidly growing body of regulations, such as the Sarbanes-Oxley Act, as a key driver of their implementation of an enterprise security infrastructure.
Some 51 percent of those interviewed said they have an intrusion prevention system (IPS) project planned for implementation before 2005. IPS were measured separately from intrusion detection systems (IDS), with IDS projects dropping off dramatically in frequency from TIP's previous study 6 months ago. Only 18 percent were planning a new IDS project.
TIP produces a ''heat index'' of the most urgent technology implementation plans.
Topping the list in the current study is wireless security, showing a dramatic increase in project interest in the past year. Some 39 percent of respondents have wireless security projects planned through 2004.
Anti-spam projects also are a top near-term priority, with 19 percent saying they have projects scheduled in the next 6 months. Application firewalls also are hot, with numbers increasing through 2003, and 32 percent planning an application firewall project in 2004.
''Respondents, in general, said they had resolved perimeter security issues to their satisfaction, and that the firewalls and IDSs in place were catching an acceptable number of problems,'' says David Taylor, chief research officer with TheInfoPro. ''What they thought was lacking was protection from internal vulnerabilities, such as from rogue current and former employees. So spending on IDS, firewalls and anti-virus tools is falling off. There are few new projects in those areas.''