Bigger Budgets, More Technology

More than half of the businesses responding to a recent survey by the Yankee Group indicate that they expect IT security budgets to increase over the next three years, compared to only 8 percent who foresaw a decrease and 37 percent who expected the budget to remain the same. The survey was based on interviews with 404 decision makers in medium-size to large companies across a wide range of industries.

Antivirus, intrusion detection/prevention devices, and firewalls topped the list of technologies to be purchased, revealing that respondents were more concerned with preventing damage from cyberattacks than with controlling internal users. Access control, authentication, and wireless security products were at the bottom of intended purchases. And for businesses that outsource to a security service provider, price was the top criteria. Following close thereafter, and in almost equal percentages, were responsiveness, breadth of services, and knowledge of the organization's business processes.

The survey also revealed that it costs companies in excess of $1 million to patch 5,000 desktops--averaging $234 per desktop and as high as $268 for financial-services firms. "These numbers ring true," says Abe Kleinfeld, president and CEO of nCircle, a San Francisco-based provider of vulnerability management solutions. Moreover, Kleinfeld says, such costs "are likely to increase as the number of vulnerabilities escalates."

The survey concludes with a host of predictions for the IT security marketplace. For example, the survey foresees further partnering or acquiring between major security vendors, including purchases of antispam vendors by Internet service providers as well as e-mail software and antivirus vendors. The survey authors estimate the market for managed security services will reach almost $4 billion by 2008.

@ Enterprise Security Spending Results: Security Market Predictions for 2004