Spending on information security is expected to grow a lot in the next couple of years — from over $6 billion this year to over $9 billion in 2013.
This according to a recent report from INPUT.
On Tuesday’s Daily Debrief, hosts Christopher Dorobek and Amy Morris spoke with INPUT principal analyst John Slye, who says the figures concerning money are what federal agencies are spending that is specifically targeted toward dealing with data and cybersecurity.
Slye says spending in these fields is growing faster than anything else in the federal government.
We estimate that the overall IT spend within the federal government is growing somewhere in the four percent range, where here we’re looking more in the seven or eight percent range. So this is significantly stronger growth than overall.
Slye says this is actual growth, not moving money around from one project to another.
In terms of growth projections, Slye says INPUT has to look backwards in order to see forwards.
We look at what the federal government has reported spending over the last several years and what they are asking for in the 2009 budget — and obviously the jury is still out on that — but we watch overall spending trends within government — spending in IT and it’s a little bit of art and a little bit of science when we get our Magic 8 Ball here . . . but looking at the trends . . . we’re fairly confident that we may be off a million dollars here or there, but when you’re talking about a $10 billion market, that’s not a bad target to shoot for.
The events of the past two weeks in terms of the financial markets has changed some predictions.
Slye says the federal government is facing many budget pressures, not just in IT, and the challenge is going to involve how federal agencies can leverage the money that they’re going to spend to get the return they originally planned for.
That money, he notes, is important for protecting the federal government.
As we’ve seen with attacks on government networks skyrocketing. Attacks reported to the U.S. CERT program from one year to the next nearly tripled in 2007, and we’ll see [when] the 2008 numbers come, but the government can’t afford to not invest in securing their information and their data and their infrastructure.
Slye says vendors should realize that this federal market is still in flux as they themselves try to move forward. The National Cyber Security Initiative, for example, is still taking shape, which means agencies might not know what they need just yet.
One of the things that we do know from looking at this market is [that] there’s going to be a need for services and products that help the federal government to monitor their networks, to make sense of the data that they get when they monitor their networks, and be able to make quick decisions in real time so that they can ward off immediate attacks and protect or trace or counter-attack . . . when somebody attacks our networks.
Though the National Cyber Security Initiative is still being worked on, Slye says there are plenty of mandates already in place, such as FISMA, which will drive the need for identity and access management services for years to come.
In addition, there’s Congress.
There’s a lot of Congressional scrutiny on the Hill when somebody’s laptop disappears or a hard drive is stolen. This kind of stuff is very easy to understand within the press — and when you’re talking about people’s social security numbers. . . . It’s quick to raise scrutiny on lawmakers and regulators.
INPUT’s report examined six key areas of the market:
planning and program management
identity and access management (HSPD-12)
training and education
infrastructure security (COOP)
Slye says the overall majority of the money that agencies spend has to do with ensuring that the government’s networks and data-at-rest are secure.