A recent study conducted by Gartner has revealed that organisations within the Asia-Pacific region - including Australia - spend a larger proportion of their IT budget on security than the international average, and expect their security budgets to increase this year.
Gartner surveyed 156 IT professionals in Australia, China and Japan, and found that on average organisations in the three countries spend 15 percent of their total IT budgets on security, a figure higher than the Western European and North American average.
"This may be due in part to the heavy concentration of small and mid-size businesses in this region, as well as a relative lack of maturity in security," said Matthew Cheung, senior research analyst at Gartner.
40 percent of respondents expected their security budgets to increase in the coming financial year, while 45 percent predicted their budgets would remain the same.
However, Australian organisations increased security spending by a smaller proportion than their Indian and Chinese counterparts, with only 18 percent of Australian respondents stating that they were spending more on security this year.
"This reflects the difference between mature and emerging markets, which are still hungry for security solutions," Cheung said.
In each country, data security was the top driver for security spending.
Asia-Pacific organisations' security priorities generally compare closely to American and European organisations. One difference was that within the Asia-Pacific region Government regulation is far less likely to have a significant effect on security spending decisions, which may be suprising considering Australian organisations must consider impending privacy law reforms.
"In Asia Pacific, IT security spending is driven from a business perspective rather than a regulations or standards perspective," Cheung said.
"That means businesses are more paying attention to customer needs like privacy, and critical information like financials, than to external factors. These business pressures push Asian organisations to continuously invest in IT security solutions that are crucial to their brand name, integrity and accountability, as well as to business success in the region."
Asia-Pacific organisations were also significantly more likely to rank a "lack of internal skills/resources" as a significant security concern than those in other regions.
In a climate of growing inflation putting pressure on IT budgets, Cheung recommends consolidating spending by sourcing from fewer vendors, and sourcing discounts by spending more with fewer vendors.
The Gartner report "User Survey Analysis: IT Security Spending, Asia/Pacific, 2008" can be found here.