According to new market research from IDC Government Insights, overall IT security spending by the U.S. Federal Government will rise from $5.9 billion in 2012 to over $7.3 billion in 2017. In 2014, IT security spending by the Federal Government is expected to top $6.1 billion.
The report, Business Strategy: U.S. Federal Government IT Security Spending Forecast and Market Outlook, revealed that overall security spending has been ticking upward at an average rate of about 4% per year, with the steady increase showing no signs of narrowing.
As IDC points out, IT security elements within government offices can be significantly different than what is seen in other industries because of the need for physical and national security.
“While federal IT security spending continues to climb, the expansion is not universal,” IDC explained. “Different agencies are investing in IT security at different rates, and most have distinct focuses depending on their existing legacy systems and what they need to improve.”
“At this time, many agencies are reviewing how their move to cloud-based solutions might affect their overall IT security posture and many are finding that unified threat management (UTM) solutions are becoming increasingly popular,” said Shawn P. McCarthy, Research Director, IDC Government Insights.
IDC anticipates that federal UTM spending will rise from $213.8 million in 2012 to over $541.4 million in 2017, McCarthy said.
Additional key findings from the report include:
• Most IT security spending goes toward staff salaries. This is because security scanning and proactive mitigation efforts still have a heavy manual component, with people needed to set configuration and to make decisions when threats are detected. Most years staff salaries account for between 85% and 91% of total spending.
• The Office of Management and Budget (OMB) tracks two broad categories of IT security spending — money spent strictly on IT security versus money spent on the IT elements of larger physical and nation security efforts. The government needs both types of IT spending to maintain an effective security posture. While the latter group is not traditional information security spending as IDC defines it in taxonomy documents, it is often listed as security related when it is mentioned in government IT budgets. For that reason, IDC Government Insights has included details on both types of security budgets, including a five-year forecast for both types of security spending.
IDC Government Insights expects to see steady long-term growth for security spending between now and 2017, with staffing growing to $6.2 billion by 2017, firewall spending growing to $249.6 million, unified threat management growing to $541.4 million, intrusion detection and prevention growing to $226.3 million, and virtual private network spending growing to $80.9 million.
Currently, about 40% of IT staffing for security management goes to contractors, a number that IDC expects to climb to roughly 60% by 2017, mainly as a result of increased adoption of cloud computing.