Average security spending will peak at 8-12pc of IT budgets in Europe and the Asia Pacific region by 2007, according to new findings from the Meta Group. Organisations in the US are predicted to reach this peak a year earlier in 2006, the research firm said.
These budgets will stabilise at 5-8pc in the US by 2008 and at the same levels in Europe and the Asia Pacific region by the following year.
In Europe, research indicated that the rate of increase in security spending has been significantly slower than that witnessed in the US, primarily because there has not been as much publicity around compliance issues and cybercrime. The average information security spending in Global 2000 organisations is currently about 4pc of the IT budget, representing a continuing increase from previous years, the Meta Group said.
The picture in the Asia Pacific region is more variable, with the more mature economies such as Singapore, Japan, Australia, and South Korea reflecting patterns similar to those of the European countries. The maturing markets in the Asia Pacific region – Malaysia, Thailand, and the Philippines – are just beginning to invest in security, with spending rates expected to increase in the near future.
“Information security remains a top-five issue for CIOs and the debate regarding appropriate investment levels continues to rage,” said Tom Scholtz, vice-president with META Group’s Security & Risk Strategies advisory service.
“Although capturing and benchmarking information security spending is complicated, security teams must model overall investment to track parity with industry peers and account for the cost of satisfying business requirements for managing information risk.”
By Gordon Smith