IT security spend keeps rising: Is there ROI?

IT security spend keeps rising: Is there ROI?

Summary: Canalys predicts the IT security spending market will reach $30.1 billion in 2017 and grow at a 7 percent compound annual growth rate from now until then. Security spending is growing faster than overall IT spend.

SHARE:
5

Information technology security spending will apparently keep growing forever, but it's unclear what the returns look like.

The latest data from Canalys shows that the IT security spending market will reach $30.1 billion in 2017 and grow at a 7 percent compound annual growth rate from now until then. In other words, security spending will be twice the global IT spending growth rate based on the 3 percent or so most research firms expect going forward.

For instance, Gartner expects global IT spending to be up a mere 2 percent in 2013 relative to 2012 due to a strong U.S. dollar and up 3.5 percent in constant currency.

No one is suggesting that security spending be pared back. Security requirements aren't going to go away as long as the bad guys are out there. But at some point, a CXO will ask for a smarter security technology spend. There has to be some line between effective security spending and waste. Right?

Canalys noted that security remains a priority for businesses even as they cut back elsewhere. Asia Pacific IT security spending will be up 9 percent in 2013 with North America growing 5 percent. Latin America will spend 15 percent more on security and EMEA up 3 percent.

Meanwhile, medium sized businesses will grow IT security spending a 7 percent clip to hit $8.5 billion in 2017. Here's the breakdown of mid-sized security spending:

canalyssecurity


The story remains the same throughout the enterprise: You can't cut back on security spending. And if you do it'll be very quietly.

Topics: Security, Hardware, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • Sercurity on steroids...

    At the company I work for (a fortune 100 company) they spend enough money to pay the settlements on all the possible lawsuits for a decade in one year on security. Not only that but the loss of productivity is well beyond sanity. They lock down things that shouldn't be a risk considering they are sometimes tripple to quadruple layer protected. In otherwords redundant protection.

    We often sit for days on our hands waiting for ports to be opened, access to be granted, and arguing the merits of our sercurity requests. That is not even addressing the use of the most insecure desktop operating system on the planet and its necessary protection software and maintenance.

    I know there are bad guys out there but don't you feel having 3 deadbolts and 2 chains on a door is somewhat redundant and bordering on stupid?

    But what would I know about it I am only a software architect not a security ninny that does not understand the system and opts for more security then needed just to be safe. The only thing nobody takes into account is the cost and loss of production plus the overhead of maintaining these elaborate security schemes behind the firewall where they shouldn't be needed.

    The possible permutations on a 6 character alpha only password with a three try lockout are several billion to one odds of breaking it without throwing a flag yet we are forced to use cryptic hard to remember and manage passwords in the quintilian to one odds. Is that really necessary when most security breaches are from these hard to remember passwords are written down becuase we are forced to change them every month? How about the janitorial staff that every evening go from cube to cube dusting and cleaning without proper supervision. You know... These highly paid and uncoruptable janitors exposed to all the little post-its with the jotted down passwords.

    LOL in all I have to say... Bring it on more security I like sitting on my hands and getting paid for it.

    This security industry is somewhat like the self promoting military industrial complex in that it is always promoting itself to higher and higher levels of need.
    adams484
    • Unfortunately, the incompentent admins become security admins...

      And STILL aren't competent.

      Most of them only know a little bit about windows... and how bad its security is. So they just pile on more of the same.
      jessepollard
      • jessepollard...you and adams484 are a 1,000% correct

        And I quote........"This security industry is somewhat like the self promoting military industrial complex in that it is always promoting itself to higher and higher levels of need".

        The sad thing is no one can prove they arnt correct.....because they keep breaking into anything named Windows or Windows related.

        End Of Story
        Over and Out
  • The security industry is out of control

    They should be required to provide solutions not hurdles to jump over. It is mostly just a massive power trip for a bunch of wannabes.
    greywolf7
  • If You Think Security Is Expensive...

    ...try insecurity.
    ldo17