But that is changing. As more workers utilize smartphones, notebook computers and social networking sites to engage with customers and staff, IT professionals must increasingly deal with a rapidly growing security perimeter, browser-based attacks, the loss of physical assets, and social networking threats.
San Francisco (Vocus) April 21, 2009
According to CompTIA's 7th Annual Trends in Information Security survey, the majority of firms in the US and abroad plan to increase or maintain spending on IT security in 2009. The international results of the study will be released during RSA Conference, an IT security tradeshow being held at Moscone Center in San Francisco.
"Despite the cost cutting environment prevalent in many firms these days, one area of the budget appears to be off limits: IT security," said Tim Herbert, vice president of research at CompTIA. "IT security falls into the mission critical category of spending and firms that cut-back on resources or efforts devoted to thwarting security breaches do so at their own peril."
Forty-five percent of IT professionals in large US firms (500+ employees) report planned increases in spending on IT security technologies in 2009 according to the survey, while 52% say they'll keep their budget at the 2008 level. In India and China the planned increases are even more significant. Strong majorities of Indian (68%) and Chinese (64%) firms expect to increase their spending on security in 2009.
"Viruses, worms and spyware led the list of top security issues in 2008," Herbert explained. "But that is changing. As more workers utilize smartphones, notebook computers and social networking sites to engage with customers and staff, IT professionals must increasingly deal with a rapidly growing security perimeter, browser-based attacks, the loss of physical assets, and social networking threats."
Worldwide, concern over browser-based attacks increased 13 percentage points year-over-year to 58%, while social engineering threats leaped 11 points to 30%. In China, IT professionals voiced concern over data theft, which increased in importance from 52% in 2007 to 63% in 2008.
In addition to comprehensive industry research, CompTIA offers other programs that address IT security issues including a new Security Trustmark accreditation that establishes security best practices for IT solution providers. To learn more about how IT security issues differ around the world or to get more information on CompTIA's IT security programs, stop by the CompTIA booth (#332) during RSA Conference exhibit hours.
About the Study
CompTIA's 7th Annual Trends in Information Security: an Analysis of IT Security and the Workforce focuses on identifying key trends in IT security, quantifying current and future spending on IT security, assessing the costs associated with IT security breaches, understanding the causes of IT security breaches and impact of these breaches, and determining the effectiveness of IT security training and certification. More than fifteen hundred IT professionals responsible for security at their organizations answered the questionnaire. Respondents were from the United States, Canada, the United Kingdom, and China and represented a wide range of industries including Education, Financial Services, Government, Healthcare and IT.
The complete report is free to CompTIA members. Go to the members-only area of the CompTIA Web site to access the report. For more information or questions, please contact firstname.lastname@example.org.
CompTIA is the voice of the world's information technology (IT) industry. Its members are the companies at the forefront of innovation; and the professionals responsible for maximizing the benefits organizations receive from their investments in technology. CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy. For more information, please visit http://www.comptia.org.
Director, Industry Communications