Security Surpasses Cost-Control As Top IT Challenge

IDC: Over three-quarters of IT and business executives rated this challenge as an extremely or very significant concern

Framingham, MA — July 26, 2004 — Security has surpassed cost-control and cost containment issues as a concern that tops the list of information technology (IT) challenges, according to research from the advisory firm IDC.

IDC's latest "Enterprise Technology Trends (ETT)" survey — conducted between April and May 2004 with a respondent base of 933 U.S. and Canadian companies — showed that over three-quarters of IT and business executives rated this challenge as an extremely or very significant concern or IT challenge for their organizations.

"Our latest survey findings indicate that IT spending on security and business continuity has increased at 59 percent of organizations in the last 12 months," said Lucie Draper, program manager for IDC's Enterprise Technology Trends, Vertical Markets Group. "We believe that despite the economic environment, and in some cases because of the geopolitical environment, the prospects for security technologies are good."

Among the key findings presented in IDC's latest ETT survey are the following:

* IDC found that the biggest difference between organizations that have a corporate IT security officer and those that do not have someone in that position is whether security policies and procedures are in place, namely an organization-wide disaster recovery and business continuity strategy and regular security risk analyses, security auditing or security status tracking.

* Ubiquitous access to the Internet followed by a reaction to a major security breach at one's company were most frequently rated as having a high influence on an organization's investments in security technology and deployment of security measures. Four in 10 North American organizations rated security audit results as having a high influence on the deployment of security measures.

* Corporate compliance and government regulations as they relate to security and privacy remain of particular concern to the banking and the healthcare services industries.

* One or more of an array of security technologies are in some stage of adoption at most companies. While some technologies, such as anti-viral tools, are already in place at the vast majority of North American companies, others are at different stages of the evaluation or implementation process, and in some cases these vary markedly by industry segment.

The research in this press release is taken from two recently published documents addressing security technology adoption. The IDC study, "The Total Security Solution: Vertical Markets Investments in Corporate and Public Security," addresses security technology adoption trends. Security technologies examined in this document include anti-virus tools, hardware-based firewall technologies, security management applications, intrusion detection, encryption, hardware- and software-based tokens, and client and server certificates.

The study, "What Factors and Events are Driving Investments in Security Technology in 2004?," addresses security technology adoption drivers and takes a look at which areas are driving or affecting the deployment of security measures at North American organizations.