Business organisations can spend less on security while being more secure, according to analyst group Gartner.
Speaking at the annual ITxpo conference in Orlando earlier this week, Gartner analyst Neil MacDonald said organisations needed to focus on processes, rather than products.
"The rest of the business is moving to a process-focused discipline of measurement and management, why shouldn’t we expect the same from information security?" he said.
He recommended either reducing the percentage of revenue spent on security spending; or increasing the amount of protection from established security spending levels.
When new threats emerge, MacDonald suggested that users define the processes necessary to ensure the business is not affected. He said, “This discipline helps to avoid different groups duplicating efforts and purchasing point solutions for each new threat,” he said.
Separately, Gartner has warned that users can expect radical changes to their IT departments over the next five years. The analyst company predicted that by 2011 IT contribution would be cited in the top three success factors by at least half of the top performing businesses.
As a result, Garner expects 75% of IT departments to change their focus, and to cut staff by 20% and in-house technology by 40% compared to 2005.