IT security spending is on the increase, study says

Security spending, as a percentage of IT budgets, is growing rapidly and is expected to peak in the United States in the next two years before settling to a sustainable level, according to a study released today by the Meta Group Inc., an information technology consulting firm in Stamford, Conn.

Analysts said spending on IT security is only now approaching adequate levels.

Average security spending among global 2,000 organizations is estimated currently at 3 to 4 percent of IT budgets. This is expected to reach levels of 8 to 12 percent before stabilizing around 5 to 8 percent.

Nailing down meaningful figures for security spending is difficult because expenditures are often not identified and they vary widely between business sectors and parts of the world.

'As a rule, the more regulated an industry or the more it lends itself to high volumes of electronic financial transactions over public networks, the more investment it requires in risk and information security management,' the report said.

Growth is expected to be fastest in the United States, where security issues have a high public profile, with Europe and developed Asia Pacific nations following at a slower pace. Spending in developing Asian countries is lagging.

Meta Group analysts estimate the appropriate investment for IT security to be from 3 to 8 percent of an organization's IT budget, depending on the value of electronic transactions and the level of trust in the parties involved. But just as important as the amount of money spent is how it is spent and the way it is tracked.

'Security teams must model overall investment to track parity with industry peers, and to account for the cost of satisfying business requirements for managing information risk,' analysts say.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected