by Lorraine Cosgrove Ware

IT Security Best Practices in 2003 By the Numbers

Apr 01, 20032 mins
IT Strategy

You Are Not Done Investing in Security

Companies will continue to spend on security during the next three years, according to a recent report from IDC (a sister company to CIO’s publisher). While many IT sectors expect lackluster growth, the security segment is forecast to grow at a compound annual growth rate of 25 percent from 2001 to 2006. IDC senior research analyst Brian Burke says that attacks on corporate computer systems, both wired and wireless, will continue to become more sophisticated and will target multiple network vulnerabilities. “More viral and harder-to-detect blended threats or hybrid worms?viruses that build upon previous viruses?will become increasingly more common,” Burke says. He suggests that companies continually work to identify vulnerabilities.

Best Practices

Subscribe to a security service for patches. As the new old saying goes, “Security is only as good as its last update,” says IDC’s Brian Burke. Protect your network from known vulnerabilities, such as those found by the most recent virus SQL Slammer, by signing up for automatic patch updates or alerts. “Even three days is too long a time to go without updating your antivirus software,” Burke adds.

Enforce security policy. Burke cautions that a number of industries such as health care and finance are legally bound by HIPAA and other regulations to protect customer privacy. “Having a security policy isn’t enough,” Burke says. “Companies must enforce their policy and ensure that employees are adhering to it.”

Filter spam. Burke recommends that CIOs take spam seriously. “Spam is no longer just a nuisance. It takes up valuable network bandwidth and is a conduit for viruses,” he says.

IT Security Market Shows No Signs of Slowing

Total IT security market growth (includes hardware, software and services)


Source: February 2003 IDC Report, “The Big Picture: I.T. Security Software, Hardware, and Services Forecast and Analysis, 2002-2006”

Security Budgets Increase in 2003

Percent of IT budget allocated to security


Compliance and Customer Confidence Driving Security Investment

Key factors in security spending


Source: November 2002 “CSO Sensor,” a study conducted by CIO’s sister publication, CSO magazine