‘Security budgets of Indian companies have tripled’

Indian companies are investing more on securing their data rather than pumping more money into technology as they try to build comprehensive solutions to prevent hackers from attacking their network, said Sanjai Gangadharan, regional director SAARC of A10 Networks.

“IT budgets are shrinking and security budgets are going up,” Mr. Gangadharan said. “Security investments or budgets in India have doubled or even tripled. There are now security departments under a chief information officer, chief security officer or a risk officer, which are being allocated a lot of budgets. IT budgets are shrinking because it is mostly pay-as-you-go model now, and there is less capital expenditure required. “Also, overall costs are coming down. Here, the device cost may come down, but the need for building an overall solution which has more components, and upgrading it with more features and functionalities, that is on the rise.”

Global spending on information security products and services will reach more than $114 billion in 2018, an increase of 12.4% from last year, according to an August 16 report from Gartner, Inc. In 2019, the market is forecast to grow 8.7% to $124 billion. Privacy concerns, persisting skills shortages and regulatory changes such as EU’s Global Data Protection Regulation (GDPR) are the main drivers, said Siddharth Deshpande, research director at Gartner.

A recent attack on Singapore Health Services (SingHealth) network compromised personal health records of 1.5 million patients in the island and reinforced the need to view sensitive data and IT systems as critical infrastructure, he said. Today everybody has realised that PCs, servers, networks, applications have all become commoditised. One can go and pick any of it up, very easily.
Now what all this generates is a huge amount of data. This data belongs to the enterprise. And the security of this data, in terms of who should access this data, where should it be accessed from, where should it be stored, all of this will always be the decision of the enterprise. So what will remain with the enterprise is two things — one is the storage of data, how to store the data, where to store it and in what form, and the second is how to keep this information secure.