As the U.S. slides deeper into a recession, security solution providers will be faced with an increasingly challenging sales environment. A recent TechTarget survey of more than 900 security professionals revealed that security budgets are being cut and non-essential security projects are being put on hold until the economy improves.
The survey, conducted in October of last year, sought to develop an understanding of corporate information security spending and strategy in 2009. Despite being conducted as the catastrophic economic downturn was taking place, its results were already indicative of what has become a dramatic pull back in IT and security spending in the new year.
Approximately 57% of respondents indicated that delaying or cancelling non-essential upgrades or implementations would be their first response amid a deepening recession.
Andrew Plato, president of Anitian Enterprise Security, a security solution provider headquartered in Beaverton, Ore., confirmed this, indicating that he's seen companies delay large capital infrastructure projects, especially within organizations where the current infrastructure is functioning adequately.
"Big, splashy security projects are falling by the wayside left and right," Plato said, citing NAC implementation and whitelisting as examples of "splashy projects."
Although large-scale security initiatives may be delayed, the extent to which customers' budgets are affected may depend on the vertical market a solution provider serves. Adam Gray, chief technology officer of Novacoast Inc., a consulting company in Santa Barbara, Calif., has been seeing delays rather than outright cancellations, and mostly in the retail sector. He said customers in other sectors, however, seem to be fairing better.
Making matters worse, nearly a third of survey respondents said their security budgets are likely to be cut in the first half of 2009 if the economy continues its downward spiral.
There can be new revenue opportunities, however, in helping customers leverage what equipment and skills they already have, according to Allen Zuk, president and CEO of Sierra Management Consulting LLC, an independent technology consulting firm in New Jersey.
Solution providers should help customers "become more vigilant," said Zuk, by prioritizing exactly which security projects will be necessary regardless of the down economy.
To help customers prioritize, Zuk suggested bringing in an outside vendor to perform a systems audit. This type of service can immediately show customers what parts of their environment need to be worked on. "Bringing in a third-party vendor demonstrates that you have the best interests of your client in mind," Zuk said.
Solution providers should attempt to form relationships with some of these third-party vendors, added Zuk, especially those that specialize in risk management. He said having a relationship with a company that can help your customers will bolster what a solution provider can offer a customer, and ultimately make the relationship stronger, a good indication for the future of the partnership.
There are certain "hot topics" in security projects right now, according to Zuk, which provide value to the customer's environment. Some of these project topics include data loss protection (policies, procedures, standards and tools), laptops, removable media, data management and information lifecycle management.
"While ILM was a buzzword for the past few years and seemed to drop off the radar," Zuk said, "some recent news regarding misplaced and uncontrolled information has caused a refreshed look at the architecture and needs."
Along the same lines, Gray emphasized the importance of helping customers rein in spending. "If you're not helping customers cut costs and reduce their overhead for IT, you're not going to be picking up projects," he said. As an example of such cost cutting practices, Gray cited helping customers with their automated provisioning, federation or access management. Executives are willing to approve the use of such services, and it helps cut the cost of managing employees.
With the economy unlikely to turn around anytime soon, Plato advised solution providers to make sure they can turn around small deals and little projects quickly. "If your whole business is predicated on volume and big infrastructure," Plato added, "you're in deep, deep trouble."