- Event Registration
- Events Calendar
- Gartner Blog Network
- Videos
- Podcasts
- Photographs
- Gartner Books
- Analyst Coverage Areas
- Press Release RSS Feed
- Attribution Guide
- Products & Services
- Company Profile
- Investor Information
- Executive Profiles
- Board of Directors
- Acquisition History
- Gartner Policies
- Office of the Ombudsman
- North America
- Europe
- Australia / New Zealand
- S.E. Asia / North Asia
- India and Korea
- Japan
- Latin America / Mexico
- CURRENT
- VIEW ALL
Gartner Says Efficient and Secure Enterprises Will Safely Reduce the Share of Security in their IT Budgets by 3 to 6 Percent of Overall IT Budgets Through 2011
Key Security Issues to Be Discussed at Gartner Security & Risk Management Summit 2010, June 21-23, in Washington D.C and at Gartner Security & Risk Management Summit 2010, September 22-23, in London, U.K.
STAMFORD, Conn., June 10, 2010 — While security risks are not going away for companies, efficient and secure enterprises will actually safely reduce the share of security spending by 3 to 6 percent of their overall IT budgets through 2011, according to Gartner, Inc. Organizations with very mature and recently updated security programs will be able to show even greater efficiencies.“The average percentage of IT spending that security will comprise in 2010 is 5 percent, down from 6 percent in 2009,” said Vic Wheatman, research director at Gartner. “In 2009, in the face of a significant IT spending downturn, security spending grew slightly as a percentage of the IT budget, while many other IT spending areas were gutted. With the economic situation projected to improve in 2010, enterprises are ramping up investments in other spending areas faster than they are for IT security.”
Mr. Wheatman said enterprises continue looking for security “platforms” such as endpoint security, next-generation firewall, Web security gateways, e-mail security gateways and multifunction firewalls for branch offices, where they make sense.
However, Mr Wheatman said that clients are still looking for best-of-breed solutions, where platforms do not make sense — such as in vulnerability assessment. In many cases, customers will seek lower-cost contracts and delivery models and are also starting to explore the use of open-source tools and internal labor, or contracting for various security services.
While security spending tied to "keeping the bad guys out" was not heavily affected by the economy and will remain on pace for 2010, a significant number of IT security organizations had to scale back on large, capital-intensive projects in 2009. In 2010, however, security spending that is more tightly tied to new business initiatives, such as complex identity and access management (IAM) and data loss prevention (DLP) projects, is beginning to reappear.
IAM is the top security priority for 20 percent of organizations surveyed in Gartner's 2010 CIO Survey, making it the clear leader among the most-important projects. More than 40 percent of organizations named intrusion prevention systems, patch management, DLP, antivirus and identity management among the top five security priorities for 2010.
In addition, spending is set to continue for such priorities as supporting guest networking and employee teleworking, securing wireless LANs, meeting Payment Card Industry standards, consolidating audit trails, security information and event management, and penetration testing requirements. Gartner is also continuing to see strong spending on intrusion prevention.
North American companies led security spending in 2009, averaging 5.5 percent of IT budgets. This compares with 5 percent in Asia/Pacific, 4.8 percent in Latin America and 4.3 percent in Europe, the Middle East and Africa. Security spending also varied significantly from industry to industry and was typically higher for industries that are high-visibility or in regulated environments or require higher levels of risk mitigation, such as professional services (6.8 percent), government (5.9 percent), and banking and financial services (5.3 percent) because of requirements for the protection of lives, financial assets and intellectual property.
"Determining how much a specific enterprise spends on information security is not an easy exercise, particularly during time of economic uncertainty," said Mr. Wheatman. "However, regardless of industry or geography, we would urge organizations to use their best efforts to evaluate enterprise spending, while recognizing that they may not be capturing all security spending because of organizationally diffused security budgets."
Mr. Wheatman will provide more-detailed analysis on the state of the IT security industry at the Gartner Security & Risk Management Summit, taking place June 21-23 in Washington D.C. This Summit is the premier conference and meeting place for IT and business executives responsible for creating, implementing and managing a proactive and comprehensive IT strategy for information security, risk management, compliance and business continuity management. Members of the media can register for the Summit by contacting Christy Pettey, Gartner PR, at christy.pettey@gartner.com. For further information on the Security & Risk Management Summit, please visit www.gartner.com/us/itsecurity.
Members of the media wishing to register for the Gartner Security & Risk Management Summit 2010 in London can register by contacting Ben Tudor, Gartner PR, at ben.tudor@gartner.com. For further information on the Summit, please visit europe.gartner.com/security.
Additional information from the events will be shared on Twitter at http://twitter.com/Gartner_inc and using #GartnerSecurity.
Contacts:
Christy Pettey
Gartner
+1 408 468 8312
christy.pettey@gartner.com
Ben Tudor
Gartner
Tel (Media Hotline): +44 (0)1784 267738
Tel: +44 (0)1784 267298
ben.tudor@gartner.com
About Gartner:
Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. Gartner deliver the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is the indispensable partner to approximately 60,000 clients in 10,000 distinct organizations. Through the resources of Gartner Research, Gartner Executive Programs, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has approximately 4,300 associates, including approximately 1,200 research analysts and consultants serving clients in 80 countries. For more information, visit www.gartner.com.
