Thursday, February 28, 2008

How recession proof is IT security?

Leading economists have recently increased their projections of a likelihood of an economic recession in the United Kingdom, Japan and the United States. These countries together comprise 42% of the world's gross domestic product (GDP). Even though many other economies are growing quite vigorously it is inevitable they will feel the effects and themselves could be facing difficult economic times ahead in this increasingly globalized world.

With every day bringing increasing concern for the near-term health of some of the world's largest economies, many clients can expect to receive mandates from senior executives to cut IT costs as part of an enterprise cost-cutting program.

Just how will this effect IT Security? There is a train of thought that the security industry is rather resilient to recessionary cutbacks. Let’s examine this for a moment:

During cost cutting, there are inevitably staff layoffs and it is exactly during these times that the insider threat/disgruntled employee cloud looms and some say you should tighten up security during these times. The recent PWC InfoSec survey shows that 60% of breaches are from insiders and disgruntled employees.

Others say that as profits drop, corporates have less “buffer” or “luxury” to absorb business interruptions, lawsuits, bad publicity, loss of consumer confidence and loss of confidential data to competitors and as such security actually becomes elevated during tough economic times.

As clients in-source and out-source to cut costs in tough times, the security issue comes to the fore again. This is my favorite topic and we even have a white paper on this over here : Outsourcing can lead to bad security

Also, regulations and compliance requirements don’t scale back during slowdowns so whilst more rigor will be applied in cutting costs and choosing vendors, these initiatives will nonetheless proceed.

Hackers, script kiddies, organized crime, espionage, spammers, phishers, viruses and worms don’t slow down with economies. Neither does loss of laptops, PDA’s and tapes with confidential information due to mistakes/negligence. And neither does the disclosure laws or the bad press that accompany breaches. The appearance of new threats don't slow down with economies either. Anyone doubting a further onslaught in 2008/9 by new and emerging threats only need to look at SAN's predictions for threats in 2008.

Clients will also turn to technology such as Virtualisation, Unified Comms, Teleworking and perhaps IP Telephony to save costs and improve efficiencies and as we know these areas all suffer from complex security issues.

Finaly, Infosec is still top of CIO’s priorities. We can look to a very recent Goldman Sachs survey among CIO’s of Global Fortune 1000 companies as to where spending priorities lie. The top six IT initiatives that remain strong among IT buyers are:

1-business intelligence,
2-server virtualization,
3-security,
4-application integration,
5-server consolidation and
6-ERP software.

In conclusion, whilst there will be more acute due diligence and sales cycles might extend I do not believe this market will slow down or feel the effects of macroeconomic slowdown as much as other segments.

Labels: , , ,

Rate this post: (Provided by NewsGator)

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home