Businesses Spend 20% of IT Budgets on Security

Stony Stevenson writes "Security accounted for 20 percent of technology spending last year and it's expected to rise, according to a report released Tuesday. The Computing Technology Industry Association (CompTIA) surveyed 1,070 organisations and found that on average, they spent one-fifth of their technology budgets on security-related spending in 2006. That's up from the 15 percent of IT budgets spent on security in 2005, and the 12 percent spent in 2004."

And then what part goes to anti-spam?

[damn_registrars]

Since we now have a way to track security expenditures, we should have some way to track money spent on anti-spam measures. Considering how well the anti-spam hardware and software sells, I'll venture its a nontrivial expense, as well.

Even if you're just running some spiffy implementation of spam assasin, it still gets your time at some frequency to update the rules, amongst other things.

Re:Hahaha

[ScrewMaster]

Security is a subset of IT, and IT as a whole is not a profit-center ... it's an operating expense. Now, what is it that most execs try to do with operating expenses?

Re:"Security" analysts

[MichaelSmith]

giving your employees with access to high-security areas a way to disable their keycards 24 hours a day by phone

At my workplace the security people combined the ID card with the RFID access card so now if you lose the RFID card the person who finds it can go directly to our site and walk in.

Re:pebkac security patch

I couldn't resist. I looked back at him and said, "That's funny. I've got the same combination on my luggage..." It's not so funny when you use the same quote at LEAST twice a day, in regards to customer and employee-chosen passwords. During a recent audit, I checked a database of hashes against my rainbow tables, and I shit you not, one in 5 passwords was either 12345 or password.