In a recent article, Computer Economics indicated that IT security budget increases during 2002 did not live up to earlier forecasts. Our research indicated that, as of year-end, less than 3% of the average IT budget was earmarked for security, including new products, services, and labor costs.
Our research also indicated that many CIOs are still having difficulty getting IT security budget increases, in spite of the heightened awareness and concern on the part of most senior executives since the tragic events of 9/11.
However, a new Computer Economicsâ survey of midsize to large organizations indicated that, in spite of the tight budget plan for this category, IT security spending is rising at a brisk pace. Over one-fifth of the companies surveyed indicated that actual IT security spending (in terms of dollars), had increased over 50% since 9/11. Additionally, IT security spending increases ranging from 25% to 50% were reported by over one-third of the companies polled, while the remaining companies reported spending had increased up to 25% (see survey results illustrated below:)
So, if IT security budgets are not increasing as fast as actual IT security spending, what is going on? There are at least two possible answers to that question.
- Many of the companies experiencing the most significant increases in spending were seriously deficient in this area prior to 9/11.
- CIOs are being forced to cut projects or reduce operational run rates to cover increases in security spending. In some instances this is happening âon the flyâ, without going through a formal budget change approval process.
Companies that fall into the first category probably had extremely low IT security budget levels prior to 9/11. Increasing their IT security spending significantly will merely bring them in line with industry spending patterns.
CIOs that are âborrowingâ monies from other projects or forcing their departments to cut run rates that are already âlean & mean,â will have to face their budget issues very soon â or watch their customer satisfaction ratings drop significantly.
Has Your IT Security
Decreased/No increase = 0%