The average security investment
will peak at eight-to-12 percent of information technology (IT)
budgets in the United States by 2006, and in Europe and the Asia
Pacific region by 2007, according to META Group.
These budgets will stabilize at five-to-eight percent in
the United States by 2008 and in Europe and the Asia Pacific
region by 2009.
“Information security remains a top-five issue for CIOs,
and the debate regarding appropriate investment levels continues
to rage,” said Tom Scholtz, vice president with META Group’s
Security & Risk Strategies advisory service. “Although capturing
and benchmarking information security spending is complicated,
security teams must model overall investment to track parity with
industry peers and account for the cost of satisfying business
requirements for managing information risk.”
META Group research indicates that the average information
security spending in Global 2000 organizations is currently about
four percent of the IT budget, which represents a continuing
increase from previous years.
In Europe, the rate of increase in
security spending has been significantly slower than that
witnessed in the U.S., primarily because of the lower
intensity of publicity regarding compliance issues and
cyber-crime.
The picture in the Asia Pacific region is even more
variable, with the more mature economies (Singapore, Japan,
Australia, and South Korea) reflecting patterns that are
predominantly similar to those of the European countries.
The
maturing markets in the Asia-Pacific region (Malaysia, Thailand,
and Philippines) are just beginning to invest in security, with
spending rates expected to increase in the near future.
This article was compiled and edited by CIO Update staff. Please direct any
questions regarding its content to Allen Bernard, Managing Editor.