Save on Streaming Android 13 Best iPad Best Samsung Phone Best Password Manager Sony Headphones Deal Gym Membership Savings MLB 2022
Want CNET to notify you of price drops and the latest stories?
No, thank you

Security a bright spot for IT spending

Technology spending remains depressed, but increased government spending and concern about privacy could have security companies riding higher in a down market.

SAN FRANCISCO--Technology spending remains depressed, but increased government spending and concern about privacy could make security companies a rare bright spot.

Companies that specialize in software, hardware and services for the security industry could see stronger growth this year than counterparts in other technology fields, said speakers at this week's RSA Conference 2003 here.

"This space will get more attention in terms of (information technology) dollars," said Eugene Munster, a research analyst at U.S. Bancorp Piper Jaffray, who predicted that security companies could see their revenue grow 5 percent to 20 percent between 2003 and 2004, depending on the company and the products it makes.

Part of the growth will derive from the havoc wreaked by spam and viruses in corporate networks, speakers at the conference said. The subdued optimism, however, also is based on mandates from the government. Funding for security technology is up 60 percent from 2002 to 2003, Munster noted.

Much of the increase will be spent by September, the month when annual government technology budgets get used up. Consultants and IT professionals could reap a substantial portion of the budget increase as nearly 80 percent of the new funds revolve around hiring people to implement these systems.

"The September quarter is the potential inflection point for the security vendors," said Wendell Laidley, a former security analyst turned investor. "The magnitude of the spending has the potential to represent a positive catalyst."

NetScreen, which makes inexpensive firewall and virtual private network (VPN) servers, is enjoying particularly strong growth, Laidley added.

However, Jeff Glidden, RSA Security's chief financial officer, warned against expecting too much from the increase in government spending. Government spending is now 5 percent of RSA's total revenue and could reach 10 percent. The market, though, remains difficult to predict. RSA specializes in encryption software and services.

"If we get an uptick, it will probably offset any imbalances from downturns in Europe and elsewhere," he said. "It is a little bit of an uptick, but it is not a reason to buy the stock."

Regulations and legal restrictions imposed on private businesses could also boost sales., Microsoft and others in recent years have been hit with lawsuits and enforcement actions because of security breaches, which have resulted in fines and huge legal bills, said John Tomaszewski, chief privacy officer at CheckFree, which specializes in payment systems.

In one celebrated case, Amazon spent $1.9 million to settle a privacy suit with customers, another $1.9 million in legal fees, and had to build a security system as a result of failed privacy policies. Citibank, meanwhile, paid $1.4 million in fines and an unknown amount of legal fees in an action before the Federal Trade Commission for selling customer data.

Invite Michael Kanellos into your in-box
Senior department editor Michael Kanellos scrutinizes the hardware industry in a weekly column that ranges from chips to servers and other critical business systems. Enterprise Hardware every Wednesday.

Similarly, Eli Lilly got hit with a $160,000 fine and paid an unknown amount in legal fees after it sent a notice to Prozac patients that the company was going to discontinue e-mail alerts on the drug. The problem? The pharmaceutical company put 669 names in the "to:" field on the e-mail, inadvertently disclosing the names of patients who take the drug, Tomaszewski said.

Select compliance and enforcement provisions of The Heath Insurance Portability and Accountability Act of 1996 become active on April 14, he added. The law mandates that hospitals and health care providers impose security precautions for patient records. Failure to do so could result in penalties and jail time.

"You are going to have to do security," Tomaszewski said. "If you don't do it, the federal government will make you do it, or the state government will make you do it, or annoyed customers will make you do it."