"In 2009, in the face of a significant IT spending downturn, security spending grew slightly as a percentage of the IT budget, while many other IT spending areas were gutted," said Vic Wheatman, research director at Gartner, in a statement. "With the economic situation projected to improve in 2010, enterprises are ramping up investments in other spending areas faster than they are for IT security."
Gartner says many IT security groups scaled back on large projects last year due to the tight economy, and this year their initiatives are tied to new business efforts, such as identity and access management and data loss prevention programs. Defensive technologies that lock down the endpoint, next-generation firewalls, and email gateways are still in demand by enterprises. Open-source tools and outsourcing are also becoming attractive options, according to Gartner.
Around 20 percent of CIOs surveyed by Gartner this year say identity and access management is a top priority. ISP, patch management, DLP, antivirus, and identity management were the top priorities for 40 percent of CIOs.
Globally, enterprises in North America spent the most on security last year, with about 5.5 percent of the overall IT budget, followed by firms in the Asia-Pacific region (5 percent), Latin America (4.8 percent), and Europe, the Middle East, and Africa, which each spent about 4.3 percent on security.
Wheatman will present his findings on the state of IT security at the upcoming Gartner Security & Risk Management Summit later this month in Washington, D.C.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.