The information-security spending focus next year will be on hackers and viruses, according to research by Yankee Group. A lesser priority will be managing employee access via virtual private networks and identity-management apps.
The Yankee Group survey reports 54% of companies plan to boost their security budgets during the next three years, while only 8% say they'll be decreasing what they spend to secure their systems. Nearly 40% of companies say their security spending will remain about the same.
Mike Paquette, VP of technology for security vendor Top Layer Networks, says he fells encouraged by the news.
"The anticipated spending is in line with what we hoped. There currently exists a deficit between the security that companies have deployed and the existing threats," he says.
Antivirus, intrusion-detection and -prevention systems, and firewalls will be the only security technologies in which more than half of respondents expect to increase security spending. Fewer than half of all companies will increase spending in other areas, such as access control, authentication and provisioning, personal firewalls, and digital-rights management.
The survey shows that the largest chunk of security spending--25%--will go toward maintaining installed products, while 24% of security budgets will go toward new products. Staffing will be No. 3, at 22%. Funding for new-product pilots and evaluations and security outsourcing will come next.
The top three spending areas in 2004 will be antivirus, intrusion-detection systems, and firewalls. Fighting for scraps will be Web-application security, access control, storage security, anti-spam, authentication technology, and wireless security.
The survey also found that the average cost to deploy patches to desktops is expensive for larger organizations. According to the survey, the mean cost to patch a desktop is $234.