In-Depth

Security Spending Will Top All IT Investments

IDC predicts security and business continuity spending will increase twice as fast as overall IT budgets between now and 2007.

• By Mathew Schwartz
• 10/01/2003

Thank Slammer, Blaster, and their ilk, as well as the August blackouts in the Midwest and East Coast, for helping make business continuity and security top-of-mind. “Corporate spending on security and business continuity has been held back by two factors: uncertainty about the severity of risk posed by security threats and ongoing budget austerity,” notes John Gantz, chief research officer and a senior vice president at IDC.

Now, however, “any skepticism about the potential consequences of a security breach is fading fast,” he says. As a result, in the short term, budgets have been allocated to address fundamental security flaws in the enterprise. Longer-term, IDC says privacy regulations—especially the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach Bliley Act (GLBA)—will demand increased spending from companies to get (and stay) in compliance. Spending will break down evenly between software, hardware, and services.

IDC’s results come in its “Worldwide IT Security and Business Continuity Forecast, 2002-2007.” To generate the numbers, researchers studied 200 IDC market forecasts from eight regions in 20 categories, and surveyed nearly 1,000 IT managers about their organizations’ active projects and spending priorities.

Some other interesting findings from IDC’s research: 40 percent of IT managers surveyed now rank security as their number-one priority; that response led the pack, making security the overall greatest concern. In addition, more respondents say their security funding has grown than not over the past six months. Security, vis-à-vis other IT spending, is notably alone in that respect.