Roughly 40 percent of enterprises and small and midsize businesses plan to increase security spending, with both groups paying particular attention to data security, network security and managed services, according to Forrester Research.
Two new reports from Forrester Research project that roughly 40 percent of
enterprises and small and midsize businesses plan to increase
their IT security budgets in 2010.
The reports, released Jan. 25, found other commonalities: A large percentage
of both groups expect spending on network security to increase and have
declared data security "critical." According to Forrester's "The
State of Enterprise IT Security and Emerging Trends 2009 to 2010" report,
40 percent of the enterprises surveyed plan to increase spending on network
security by 5 percent or more; 34 percent said the same for risk and compliance
In Forrester's sister report, "The State of SMB IT Security and
Emerging Trends 2009 to 2010," 36 percent of SMBs surveyed expected
network security spending to increase 5 percent or more, with about one-fourth
of those increasing it by 10 percent or more.
"Network security has always been the biggest area of [spending],"
Forrester analyst Jonathan Penn told eWEEK. "One reason it's seeing such
strong growth [is] because the escalated attention to vulnerabilities
is causing organizations to enhance their network-level
detection. Another is that, with the concern about insider incidents (both
malicious and inadvertent) rising, the network is a natural focus for
additional security controls that monitor for such activities-there is a
continued reluctance to deploy tighter controls on the desktop because of the
sensitivity to end-user impact."
Eighty-nine percent of enterprise respondents and 84 percent of SMB
respondents said data security was a critical or high priority. Both groups
also expressed concern about the implications of smartphones and Web
2.0 social media
on their environments.
"More SMBs (40 percent) noted their concerns
than any other technology we asked about, with 34 percent
citing concerns about Web 2.0 next," the SMB report said. "The
concerns over the risks associated with such consumerization trends ranked
higher even than concerns over cloud computing (32 percent) or data center
virtualization (30 percent). This is likely because from a security
perspective, consumerization represents a greater loss of control oversight of
the computing infrastructure, whereas cloud and virtualization merely represent
a changing management paradigm."
Both enterprises and SMBs are also looking to outsource security to find
better protection. The areas that most interested respondents were e-mail
filtering and vulnerability assessment. Forty-six percent of the
enterprise respondents said they were "very interested" or "somewhat
interested" in vulnerability assessment managed services. For SMBs that
number was 51 percent.
For SMBs, expertise and not cost was the most important factor
when considering managed services. Sixty-six percent cited quality
protection as an important factor in their decision to adopt managed security,
while 48 percent cited cost reduction.
The Forrester reports were based on data from a survey of security decision
makers from more than 2,000 organizations.