Virus Defense Now 45% of Security Projects in IT
In our ongoing examination of IT manager's budgets, we've noticed a month-to-month increase in virus defense projects. What's behind the change in security priorities?
To start this analysis we looked at the latest six months of ZDNet IT Priorities research data on security projects to see how various issues ranked in importance. We found that since May 2004, virus defense projects took a clear lead over any other type of security project. (Our IT Priorities research reflects the budget plans for medium- to large-sized businesses throughout the U.S., so these results reflect a change in IT departments across all industries.)
Virus defense projects have increased 80% during the last six months. They now represent 45% of the security projects in IT departments, up from a low point of 25% in May.
![Virus Defense now 45% of Security Projects [chart]](https://www.zdnet.com/a/hub/i/2015/06/11/a8f133d9-0ff6-11e5-9a74-d4ae52e95e57/virusdef45chrt.gif)
Was this shift in priorities expected? Does it match what IT managers forecast for 2004? Not really. When we looked at the 12-month plans of IT managers, which we collected each month in 2003, they were off-target by 12 to 39 points.
![2004 Reality vs. 2003 Plans [chart]](https://www.zdnet.com/a/hub/i/2015/06/11/a9679f6b-0ff6-11e5-9a74-d4ae52e95e57/2004realitychrt2.gif)
Back in 2003, IT managers were optimistic about their security plans, and less than 10% included virus defense or software patches among their security projects for the coming year. Clearly, they thought their teams would be working on something else. And the degree of separation between plans and reality has continued to expand over the last three months, reaching it's biggest-ever gap in September.
What happened to cause this sudden shift? Knowing how unexpected changes in business priorities can alter how actual expenses are allocated, we explored whether security events-new viruses, security flaws, DoS attacks-might have influenced how IT security budgets are being spent. We turned to our BT Trax data to check the flow of security news over the last six months, looking specifically for extremes in news activity that would signal either a significant upswing or decline in security news consumption. What we found was a steady current of news events marked by peaks of activity surrounding breaking news about virus and worm attacks, and newly-announced browser and PC flaws.
![Virus Mindshare Spikes in Summer [chart]](https://www.zdnet.com/a/hub/i/2015/06/11/a9db8527-0ff6-11e5-9a74-d4ae52e95e57/virusmindchrt3.gif)
Not surprisingly, the peaks in news interest coincide with the hottest security stories, with the highest levels of news interest occurring over the last 3-4 months. The timing of intense security news activity corresponds with the increase in virus defense projects from 25% of current security projects to 45%.
![News Events Change IT Priorities [chart]](https://www.zdnet.com/a/hub/i/2015/06/11/aa524a15-0ff6-11e5-9a74-d4ae52e95e57/newseventschrt3.gif)
The alignment between news about security vulnerabilities and the increase in virus defense projects suggests that IT managers are indeed adapting the allocation of their security budget in lock-step with impactful security events. But if you think about it, the alternative approach-not diverting dollars to enhance existing security systems against new virus threats or security flaws-could be extremely risky. So it seems that in the case of security implementations, the best laid plans should always be subject to change.