WASHINGTON, D.C. - Security could become a victim of its own success.
Gartner Group's Victor Wheatman said Wednesday that security spending actually will decrease in the near future as enterprises improve security management and efficiency. The managing vice president's predictions punctuated the research firm's four-day Gartner IT Security Summit.
Wheatman broke his prognostications into three broad categories, spelling out the good news and the bad news for security administrators and managers.
"By 2006, information security spending (including staff salaries and external services) will drop to 4% to 5% of IT budgets, on average, as enterprises improve security management and efficiency," said Wheatman. "The lowest-spending 20% of organizations, the most efficient ones, will safely reduce the share of security in the IT budget to 3% to 4% by 2006."
What that translates to in dollars depends on an enterprise's operating budget, of course; if that budget grows fast enough, absolute security funding could rise even as the percentage earmarked for security shrinks.
Wheatman also noted that reduced spending is not a sign of decreased interest in security. Gartner believes security will remain a top concern for quite some time. Additionally, investment in information security can be justified as cost avoidance, measurable in preventing direct loss, particularly when trust and information security are required under regulatory and audit concerns, he said.
Gartner is once again sounding the death knell for intrusion detection systems. Last year its analysts declared IDS would be obsolete by 2005. Now they're saying IDS will also never reach the "plateau of productivity" because IDSes burden organizations by requiring full-time monitoring and an incident response process, which tax resources. That plateau is Wheatman's way of describing the window of time between when an enterprise adopts a new technology and when it begins to provide a return on investment.
Wheatman also suggests security groups invest in authorization technologies and more robust directory infrastructures to remain competitive with the speed of e-business.
"By 2006, enterprises that rely only on proxy or stateful packet inspection will experience successful application-layer attacks at twice the rate of enterprises that use leading deep-packet inspection approaches," predicted Wheatman. He said that by 2005, 90% of Global 2000 gateway firewalls will do 100% deep-packet inspection, enabling them to block application attacks.
To realize anticipated lower costs, efficient technologies and processes will need to be implemented. However, Wheatman warned, "Through 2009, each new wave of technology will render existing information security measures obsolete, increasing security exposures in new and legacy environments."
In a related prediction, Wheatman said that by Q1 2005, enterprises that don't enforce security policies during network login will experience 200% more network downtime than those that do.