How Much Should You Spend on IT Security?

It may be difficult for enterprises to figure out how much they should spend on IT security, but research analyst Gartner has statistics on how much their peers are spending.

Security is a trade-off between risk and cost, and enterprises in different industries may spend more or less depending on their situation, said Ian Reeves, a managing vice president for Gartner Consulting.

A survey of 1,500 or so companies worldwide found businesses spend an average of 5 percent of their total IT budget on security, according to Gartner’s IT Key Metrics Data for 2010. Gartner also broke it down to security spending per employee, which averaged around US$525 annually in 2009, compared to $636 in 2008 and $510 in 2007.

Of the total IT security budget, 37 percent is spent on personnel, 25 percent on software, 20 percent on hardware, 10 percent on outsourcing and 9 percent on consulting.

Companies should not necessarily worry if spending is higher or lower than the average, Reeves said. A more important question is why the spend is at a certain level and whether that is good or bad, Reeves said.

It’s possible to spend a fortune on security, but if it’s done poorly, it doesn’t help a business, said David Lello, a director at Gartner Consulting.

The general drivers for security spending include targeted malicious software attacks, cybercrime, regulation, remote access and new delivery models for services, such as cloud computing and software-as-a-service.

Companies ranked intrusion detection and prevention as the top security priority, followed by patch management, data loss prevention, identity management and antivirus.

Professional services is the sector that has the highest number of employees dedicated to IT security, followed by government, banking and financial services, utilities, education, manufacturing, health care, insurance and finally transportation.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s