The expenditure is a 23% increase from 2005, when SMBs shelled out an estimated $9.3 billion on security products. And the trend shows no sign of slowing: AMI-Partners projects double-digit annual increases in security spending by SMBs for the next several years.
"As more and more SMBs become increasingly reliant on IT, security becomes a necessity," said Anil Miglani, senior vice president at AMI-Partners.
The report, based on surveys of SMBs in more than 20 countries, found that the United States continues to be the single largest market for IT security products and services. However, spending on security in some of the emerging markets is growing at one-and-a-half to two times as fast as in the developed countries, Miglani said.
"As you move up, you find that some of the businesses are adopting an increasing number of security products. They might have antivirus, firewalls, VPNs antispam and so on," Miglani said. "The next category are businesses that already have adopted these products and are looking to integrate them, usually coming in the form of product suites. At this next step you also see SMBs moving into other areas, such as access management solutions."
Unlike larger companies, SMBs have tended not to worry as much about internal security breaches, Miglani said. "They don't see the employees as being a major threat," he said, in part because they have fewer employees than large companies. "Partly, it's also a matter of not feeling the pressure from their customers," he said, but that, too, is ripe for change. "SMBs are storing more and more critical customer information, and they need to become more concerned about safeguarding that."
The obvious beneficiaries of the increased focus on security are product vendors such as Symantec Corp., McAfee Inc. and Microsoft, now that the Redmond, Wash.-based software giant has decided to co-opt security. Channel players will also benefit, because they continue to play a significant role in fulfilling security needs for SMBs, Miglani said. And security as a service will get a "major boost," he added, "largely because it removes the requirement of having a full-time IT staff managing security."
Let us know what you think about the story; e-mail: Linda Tucci, Senior News Writer