LONDON, Ontario -- IT departments in U.S. enterprises will have spent US$61 billion on security by the end of this year, representing 7.3 per cent of total IT spending in the U.S., a new report from Info-Tech Research Group states. Between US$21 billion and US$27 billion of that total is spent on acquisition of new security technologies and services, while the balance goes to operations, primarily staffing costs. Business services (US$10.8B), Financial services (US$10.4B) and Government sectors (US$9.9B) are the top spenders, for a combined total of US$31 billion, or just over half of the total IT security spend. At the other end of the scale, Education (US$3.6B), Health Care (US$3.2) and Primary Industries (US$2.5B) combined represent only US$9 billion of the overall IT security spend.
IT security has become a higher priority over the last few years, with a greater proportion of the overall IT budget being spent on security equipment and services, said Ed Daugavietis, senior research analyst with Info-Tech Research Group. In the past year alone, 46 per cent of IT managers have increased spending on security compared to only four per cent who have decreased their level of security spend. Increased priority on security has been influenced by post-911 disaster recovery and storage requirements, increased security threats from malware that includes viruses and other day-to-day intrusions, and tighter focus on privacy and compliance with legislation, Daugavietis said. High spending by the Business, Financial and Government sectors is attributed to the need for privacy, accuracy and data protection required in those areas, he added.
The study also found that enterprise spending on security and importance placed on security preparedness increases incrementally with the size of the company. The larger the company, the greater the percentage of the overall IT budget allocated to security. The research findings cap an extensive study of the US and Canadian markets for IT security conducted by Info-Techs Indaba Division over six months this year, including 1,100 U.S.-based IT decision-makers.
While many companies will have tactical reasons to exceed or under-spend compared to the average 7.3 per cent of IT budget, those that are spending in the five to ten per cent range can be assured that their budgeting is consistent with industry norms, said Daugavietis. Companies spending less than five per cent of their IT budget on security might want to ask themselves hard questions about how they would recover from disaster or how well they are protecting their networks from intrusions, he concluded.
Info-Tech Research Group