“In the current highly uncertain economic environment, with overall IT budgets shrinking, even the modest spending increases indicated by the survey show that security spending accounts for a higher percentage of the IT budget”, said Adam Hils, principal research analyst at Gartner. “Security decision makers should work to allocate limited budgets based on enterprise-specific security needs and risk assessments.”

Areas of increased security software spending in 2010 include security information and event management (SIEM), email security, URL filtering, and user provisioning. Security software spending is expected to outpace all other areas of infrastructure software, Gartner said.

Gartner also found that security services spending increases are drive in part by a growing movement towards managed security services, cloud-based email and web security solutions, third-party compliance-related consulting, and vulnerability audits and scans.

“When evaluating and planning 2010 security budgets, organisations should work to achieve a realistic view of current spending and recognise that it may be impossible to capture all security-related spending because of organisationally diffused security budgets”, said Ruggero Contu, principal research analyst at Gartner. “Businesses should also recognise that new threats or vulnerabilities may require security spending that exceeds the amounts allocated, and should consider setting aside up to 15% of the IT security budget to address the potential risks and impact of such unforeseen issues.”

Gartner said new security threats, compliance issues, changes in the still-volatile economic environment and other factors could affect the trends in security spending identified in the survey, which was conducted among 1000 IT professionals.