[ISN] Feds' IT Security Spending Growth Set For Slowdown

Wed Jun 16 08:47:22 EDT 2004

http://www.informationweek.com/story/showArticle.jhtml?articleID=21800461

By Eric Chabrow 
June 15, 2004 

The rapid growth in the federal government's IT security spending is
coming to a screeching halt. In fiscal 2005, which begins Oct. 1, the
U.S. government will increase spending on IT security products and
services by a mere 2% to $5.6 billion, according to the government
market-intelligence firm Input.

Since the Sept. 11, 2001, terrorist attacks, the government has spent
heavily on IT security, although the increases have been declining
each year. But next year's increase is significantly smaller than
those in previous years. Annual IT security spending rose 10% this
year, 50% in 2003, and 100% in 2002, Input reports. Single-digit
increases in IT security spending will be the rule through the
remainder of the decade, it says.

One reason IT security spending has slowed is that agencies have
failed to comply with White House requirements to fix existing IT
security weaknesses before the Office of Management and Budget
releases additional money for new initiatives. Last year, according to
Input, more than a quarter of federal IT systems didn't have
up-to-date security plans. Input senior analyst Chris Campbell says
yearly reviews by OMB and Congress have uncovered a number of security
lapses unresolved from previous years, leaving many legacy systems
vulnerable to attacks. This means agencies must seek OMB approval to
re-appropriate funds to fix security lapses in existing systems,
rather than get new money for new IT security projects. Campbell says
vendors that help agencies implement security solutions at reasonable
costs could benefit.

Still, Input sees IT security spending will pick up a bit in the
second half of the decade, reaching an annual growth rate of about 5%
through 2009--when IT security spending should surpass $7 billion.

By 2009, Input projects, IT security spending by Defense Department
agencies and the military will rise to $3 billion, up from $2.4
billion this year, a 5% annual growth rate. Similarly, civilian
agencies' IT security spending will grow at a 5.2% yearly growth rate
over the next five years to $2.9 billion, from $2.3 billion.  
Intelligence agencies' growth rate is projected to be lower--2.5%, as
spending will rise to $900 million from $800 million.

Two-thirds of federal IT security spending comes from just 10
agencies: the Office of the Secretary of Defense--which represents
nearly one-quarter of all IT security spending--the three military
branches, the departments of Homeland Security, Health and Human
Services, Energy, Transportation, and Treasury, and the space agency,
according to Input's analysis of government numbers.

The biggest IT security contracts awarded by the government are both
for $1.5 billion. A Defense contract deals with information assurance
and a General Services Administration contract focuses on developing
common identification smart cards.

The government awards the biggest federal IT security contracts to
systems integrators. In fiscal year 2003, according to Input, Northrop
Grumman held 9% of the estimated federal government market share in IT
security, followed by EDS at 8%, Science Applications International
Corp., 5%, and General Dynamics, 4%.