Security Budgets Growing to Approx. 20% of IT Spending
A survey of 1,070 organizations by the Computing Technology Industry Association (CompTIA) found that security related spending reached 20% of IT budgets in 2006, up from 15% in 2005 and 12% in 2004.
Other findings include:
1. Organizations expect to increase spending across the board in security related areas over the next year
2. Almost half the organizations expect to spend more on technologies
3. One-third will increase spending for security training
The survey tracked spending allocation in five broad areas:
The survey also showed that for each dollar spent on security, about 42 cents is allocated for technology product purchases; 17 cents for security-related processes; 15 cents for training; 12 cents for assessments; 9 cents for certification; and the balance on other items.
It also found:
Antivirus software, firewalls and proxy servers continue to be the top technologies for security enforcement, utilized by nearly all organizations. The past two years have seen a significant increase in the use of multiple security enforcement technologies to combat attacks, including firewalls, proxy servers, intrusion detection systems, physical access control, multi-factor authentication, and other technologies.
The findings make sense. There is more awareness for multiple layers of security measures. High profile data breaches ensure executives know what is at stake, it's not just the security pros, network managers and system admins scrambling for adequate budgets.
It's not clear whether overall IT budgets are growing in the surveyed organizations but I'd guess they're not, at least not by much. I suspect IT budgeting is still pretty much a zero-sum game. While the added spending on security is good news, I suspect it means other worthy projects are not funded. Add that to the cost of cybercrime
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
