eports of shuttered businesses, mammoth layoffs, home
foreclosures and sagging consumer spending have
become routine. Common enough, in fact, that a quick
internet search can ﬁnd throngs of organizations presenting
websites keeping scrupulous count of the dismal ﬁgures. In
contrast, quite a few economic experts assert that the protracted
ﬁnancial bleakness of the time is starting to fade away.
Its unhurried pace to depart, though, is leaving many an
executive leader glumly distrustful of the future. Budget tighten-
ing, slashes to personnel numbers, employee pay reductions,
the shelving or all-out elimination of assorted projects and other
cost-cutting measures are still raging.
“The economy is having a huge impact on my company – a
state government,” says Kris Rowley, systems security director
for the state of Vermont. “There are layoffs, cutbacks, hiring
freezes and so forth. We are maintaining our security stance by
focusing on what we have in place and using the budgets we do
have very wisely to get the biggest bang for our buck.”
Yet, even in the face of the worst economic period since the
Great Depression, corporate chiefs are comprehending that pro-
tecting their customers’ personally identiﬁable information (PII), ■
as well as securing their own intellectual property, is compulsory. ■
Boon or bad times, most executives believe information security is
essential to any organization’s continued success and proﬁtability.
28 SC • January 2010 • www.scmagazineus.com
DATA Security budgets are
holding their own – even
in the toughest economy
since the Great Depression,
reports Illena Armstrong.
According to the third annual Guarding Against a Data Breach
survey, which was conducted by SC Magazine and ArcSight with
research ﬁrm CA Walker, 91 percent of 399 respondents agree
that their companies are taking the right steps to prevent cus-
tomer and other critical data from being stolen, exposed or lost.
This number closely echoes last year’s data, which showed that 88
percent of 217 respondents thought they were on the right track.
“There have been a lot of advances in technology addressing
■ data breach prevention and mitigation over the past few years. If
a company implemented or plans to implement even a portion
of these tools, then a company is taking the right steps toward
data security,” says Rowley. “However, technology is expensive
and, in our ﬁeld, especially in government, money is very tight.
One of the ﬁrst places to lose funding, in both the public and
private sectors, is IT.”
Drivers to protect information
Yet, even as proﬁts have withered for the majority of businesses
– and for some drastically so – some budgets have remained
level (about 20 percent of respondents) and a scant few (1.5