[ISN] Security a bright spot for IT spending

From: InfoSec News (isnat_private)
Date: Tue Apr 15 2003 - 02:05:51 PDT

  • Next message: InfoSec News: "[ISN] Court blocks security conference talk"

    http://news.com.com/2100-1014-996798.html
    
    By Michael Kanellos 
    Staff Writer, CNET News.com
    April 14, 2003
    
    SAN FRANCISCO -- Technology spending remains depressed, but increased
    government spending and concern about privacy could make security
    companies a rare bright spot.
    
    Companies that specialize in software, hardware and services for the
    security industry could see stronger growth this year than
    counterparts in other technology fields, said speakers at this week's
    RSA Conference 2003 here.
    
    "This space will get more attention in terms of (information
    technology) dollars," said Eugene Munster, a research analyst at U.S.  
    Bancorp Piper Jaffray, who predicted that security companies could see
    their revenue grow 5 percent to 20 percent between 2003 and 2004,
    depending on the company and the products it makes.
    
    Part of the growth will derive from the havoc wreaked by spam and
    viruses in corporate networks, speakers at the conference said. The
    subdued optimism, however, also is based on mandates from the
    government. Funding for security technology is up 60 percent from 2002
    to 2003, Munster noted.
    
    Much of the increase will be spent by September, the month when annual
    government technology budgets get used up. Consultants and IT
    professionals could reap a substantial portion of the budget increase
    as nearly 80 percent of the new funds revolve around hiring people to
    implement these systems.
    
    "The September quarter is the potential inflection point for the
    security vendors," said Wendell Laidley, a former security analyst
    turned investor. "The magnitude of the spending has the potential to
    represent a positive catalyst."
    
    NetScreen, which makes inexpensive firewall and virtual private
    network (VPN) servers, is enjoying particularly strong growth, Laidley
    added.
    
    However, Jeff Glidden, RSA Security's chief financial officer, warned
    against expecting too much from the increase in government spending.  
    Government spending is now 5 percent of RSA's total revenue and could
    reach 10 percent. The market, though, remains difficult to predict.  
    RSA specializes in encryption software and services.
    
    "If we get an uptick, it will probably offset any imbalances from
    downturns in Europe and elsewhere," he said. "It is a little bit of an
    uptick, but it is not a reason to buy the stock."
    
    Regulations and legal restrictions imposed on private businesses could
    also boost sales. Amazon.com, Microsoft and others in recent years
    have been hit with lawsuits and enforcement actions because of
    security breaches, which have resulted in fines and huge legal bills,
    said John Tomaszewski, chief privacy officer at CheckFree, which
    specializes in payment systems.
    
    In one celebrated case, Amazon spent $1.9 million to settle a privacy
    suit with customers, another $1.9 million in legal fees, and had to
    build a security system as a result of failed privacy policies.  
    Citibank, meanwhile, paid $1.4 million in fines and an unknown amount
    of legal fees in an action before the Federal Trade Commission for
    selling customer data.
    
    Similarly, Eli Lilly got hit with a $160,000 fine and paid an unknown
    amount in legal fees after it sent a notice to Prozac patients that
    the company was going to discontinue e-mail alerts on the drug. The
    problem? The pharmaceutical company put 669 names in the "to:" field
    on the e-mail, inadvertently disclosing the names of patients who take
    the drug, Tomaszewski said.
    
    Select compliance and enforcement provisions of The Heath Insurance
    Portability and Accountability Act of 1996 become active on April 14,
    he added. The law mandates that hospitals and health care providers
    impose security precautions for patient records. Failure to do so
    could result in penalties and jail time.
    
    "You are going to have to do security," Tomaszewski said. "If you
    don't do it, the federal government will make you do it, or the state
    government will make you do it, or annoyed customers will make you do
    it."
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Apr 15 2003 - 17:38:21 PDT