r
E-Business Growth Demands Security Spending
r
r
r
Rawlson O’Neil King, theWHIR.com
r
r
r
May 21, 2004 — (WEB HOST INDUSTRY
r
REVIEW) — E-business has achieved widespread acceptance as a powerful
r
business tool that can, if utilized properly, enable companies to
r
enhance their profitability, seek out new market opportunities and
r
provide customers with improved services.
r
r
The growth of e-business is such that by 2005, according to research from Business Communications Company Inc. (bccresearch.com), revenues are expected to exceed $3 trillion. Datamonitor (datamonitor.com)
r
predicts that global business-to-business and business-to-consumer
r
e-commerce revenues will reach $5.9 trillion and $663 billion by 2005
r
respectively.
r
r
However, for e-business to flourish,
r
there must be a stable approach to security for e-business transactions
r
and activities. The approach to security must provide the ability for
r
strategic partners, customers and employees to use e-business
r
applications without fear of information compromise or corruption.
r
r
According to a new global survey of 237 senior executives conducted by the Economist Intelligent Unit (eiu.com),
r
many common business goals, from holding customer data to sharing
r
supply-chain data, often entail greater vulnerability to security
r
threats. As a result, security is no longer considered a straight cost,
r
but a business enabler.
r
r
Early in the decade, approximately 50
r
percent of businesses worldwide were spending five percent or less of
r
their IT budgets on securing their networks, and e-security breaches
r
were causing over $15 billion in damage annually. The events of
r
September 11 caused serious rethinking of IT budgets, to the extent
r
that security has become the number one priority in a majority of
r
corporate IT budgets and certainly in US federal government IT budgets.
r
r
According to a Meta Group (metagroup.com)
r
study, while only 24 percent of firms increased their overall IT
r
spending in 2002, 73 percent increased spending on security. Security
r
as a percentage of IT spending, however, only constituted three
r
percent, according to Meta Group. Most of this spending was committed
r
to internal network protection.
r
r
Datamonitor stated that public key
r
infrastructure and virtual private networks would be the largest areas
r
of growth with global investment reaching $2.6 billion and $3.9 billion
r
respectively by 2005. Spending on e-security services were also
r
predicted to triple from an estimated $4.3 billion in 2000 to $11.9
r
billion in 2005.
r
r
A report by the Business Communications
r
Company, Inc. stated that overall e-security expenditures were
r
estimated at $4.8 billion in 2001. Expected to grow at an average
r
annual growth rate of 24.8 percent, overall expenditures are likely to
r
approach $14.7 billion by 2006.
r
r
BCC Research also predicts that
r
e-security software expenditures will grow from $3.5 billion in 2001 to
r
$11.5 billion in 2006, at an AAGR of 26.5 percent. Approximately 54
r
percent of these expenditures will occur in authentication and
r
authorization processes in 2001 and 57 percent in 2006. These processes
r
assure that the right person is in the right place for the right
r
transaction 24 hours a day, seven days a week.
r
r
In the “services” category, “e-security
r
consulting” services account for approximately 90 percent of
r
expenditures. The consulting area featuring the most major impact is
r
that of e-security management services, which will grow from $450
r
million in 2001 to $1.3 billion in 2006. Overall, the e-security
r
services category is predicted to increase to $2.1 billion in 2006,
r
from $785 million in 2001, an AAGR of 22 percent. E-security consulting
r
however might grow at a quicker pace given the increase of security
r
breaches at financial institutions.
r
r
According to a Deloitte Touche Tohmatsu (deloitte.com)
r
survey of banks and insurance companies released this week, cyber
r
attacks are on the rise. Eighty-three percent of respondents stated
r
their IT systems had been compromised in 2004, compared with 39 percent
r
in 2003. Approximately 40 percent of the respondents whose systems were
r
attacked reported financial losses.
r
r
The survey also found that many financial
r
institutions are sliding backwards when it comes to the use of security
r
technologies. While more than 70 percent of respondents perceived
r
viruses and worms as the greatest threat to their systems in the next
r
12 months, only 87 percent of respondents had fully deployed anti-virus
r
measures. This result is down from 96 percent in 2003.
r
r
On the upside, the survey revealed some
r
significant advancements and trends in the right direction. Financial
r
institutions showed improvement in complying with regulations, as
r
two-thirds (67 percent) of respondents indicated they have a program
r
for managing privacy (compared to 56 percent last year). In addition,
r
the majority (69 percent) felt that senior management is committed to
r
security projects needed to address regulatory requirements.
r
r
“Financial institutions, particularly
r
security officers, are facing greater challenges than ever,” stated
r
Adel Melek, global leader of Deloitte’s IT Risk Management &
r
Security Services, in a statement. “They are fighting an on-going
r
battle to overcome evolving security threats and to comply with an
r
increasingly stringent regulatory environment but, at the same time,
r
resources have stagnated.”
r
r
To redress the resource situation,
r
financial institutions and other associated businesses should make
r
greater investments in e-security consulting services. Most complex
r
hosting providers offer managed security services that afford increased
r
control over security spending, while concurrently providing access to
r
skills and protection capacities without the need to hire and train new
r
dedicated staff.
r
