/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsSYDNEY, AUSTRALIA: A survey of IT security professionals in Australia, China and India conducted by Gartner has found that organisations in the Asia Pacific region spend a larger proportion of their IT budget on security than their North American and European counterparts, and most expect their IT security budgets to remain the same or increase in 2008.
Although there is an economic downturn in the US, 40 percent of Asia Pacific organisations surveyed said their 2008 IT security budget has increased over 2007, while 45 percent claimed it had remained “about the same”. Data security and lack of skilled resources ranked among the top concerns of organisations in Asia. However, more than 30 percent did not include standards or government regulations on the list of what is driving their IT security spending.
More Chinese (46 percent) and Indian (56 percent) respondents said they were spending “significantly more” or “somewhat more” in 2008 than their Australian counterparts (18 percent).
“This reflects the difference between mature and emerging markets, which are still hungry for security solutions,” said Matthew Cheung, senior research analyst at Gartner. “While the impact of the US economic downturn had yet to be felt in Asia Pacific at the time the survey was done, investment in security technology, services and staffing is viewed as critical and cuts in this area are not considered a result.”
However, increasing security budgets may not improve an organisation’s purchasing power, according to Gartner. “Growing inflation rates in the region are putting pressure on vendors’ prices. One way that you can get more for less is to consolidate spending by sourcing from fewer vendors and get discounts by spending more with fewer vendors,” Cheung said.
At the Gartner IT Security Summits in Singapore and Sydney this month, analysts will provide the latest research and practical advice on how to optimise security spending, including potential savings from new delivery models for information security.
The average percentage of the IT budget dedicated to security in Asia Pacific is around 15 percent, according to the Gartner survey.
“This level of spending is relatively high compared to organisations surveyed in Western Europe and North America,” said Mr. Cheung. “This may be due in part to the heavy concentration of small and mid-size businesses (SMBs) in this region, as well as a relative lack of maturity in security.”
Data security is the top driver for security spending in organisations in the three countries surveyed, reflecting growing concerns about personal data privacy, especially in government, financial services and healthcare. While most of the top concerns in Asia Pacific are similar to other regions, Asian organisations ranked “lack of internal skills/resources” higher.
“There is a shortage of IT security personnel and related resources in emerging countries such as China and India, which are still premature in developing IT security measures and policies,” said Cheung.
In contrast to Western Europe and North America, government regulations and industry standards are not the primary driver for security spending in Asia Pacific.
More than 30 percent of respondents in Asia Pacific chose “none” of the government or industry standards on the list of what is driving their IT security spending. However, 12 percent of respondents claimed “ISO standards” are driving security spending, reflecting the importance of quality control in countries that rely heavily on exports of products and services.
“Compliance is more important in mature markets where governments are increasingly enforcing laws and regulations,” said Cheung. “In Asia Pacific, IT security spending is driven from a business perspective rather than a regulations or standards perspective. That means businesses are more paying attention to customer needs like privacy, and critical information like financials, than to external factors. These business pressures push Asian organisations to continuously invest in IT security solutions that are crucial to their brand name, integrity and accountability, as well as to business success in the region.”
In March 2008, Gartner conducted a survey of IT professionals in major worldwide markets, including 156 in Asia Pacific, in Australia (50), China (54) and India (52).