Information Security Budgets Will Increase in 2012

New information security initiatives a top IT priority

As part of our annual IT Spending Intentions survey, ESG asks IT professionals about overall spending trends for the coming year.  Like other analyst firms, ESG found that IT budgets will increase in 2012, albeit at a modest rate.

When it comes to information security budgets however, growth should be more robust.  More than half (61%) of mid market (i.e. less than 1,000 employees) and enterprise (i.e. more than 1,000 employees) will increase security spending in 2012, and of these, 18% will bolster security spending by 8% or more.  These results are similar to the data collected in the ESG Research about Advanced Persistent Threats. 

ESG also discovered that information security initiatives were also identified as one of the top 5 IT priorities for 2012.

Where will this money be spent? 

1.       Headcount.  ESG found that 35% of organizations plan to hire additional security staff – if they can find skilled professionals available (see my last blog).

2.       Network security.  Just over half (52%) or organizations will make additional investments in network security technologies (i.e. firewalls, IDS/IPS, gateway devices, etc.).  Why?  Because they need additional scale, integration, and security services at the network level.  Good news for Cisco, Check Point, Juniper, McAfee, Palo Alto Networks, and Sourcefire.  Other high priorities identified were mobile security, endpoint security, and SIEM.

3.       Advanced malware protection.  With the rise of APTs, hacktivism, and other types of sophisticated attacks, organizations have no choice other than adopting a “belts and suspenders” model for anti-malware.  This will benefit startups like Countertack, Damballa, and FireEye, as well as established leaders like RSA, Sourcefire, and Trend Micro.

4.       Security services.  Given the threat landscape, shortage of skilled security professionals, and increasingly complex IT environment, many organizations will decide to punt and outsource security tasks to professional services and SaaS providers.  It’s likely that HP, IBM, Unisys, and Symantec will gain share here. 

Copyright © 2012 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)