Mumbai, Dec 9 (IANS): Organisations spend an average of 5.6 per cent of the overall IT budget on security and risk management, market research firm Gartner said on Friday.
Enterprises should be spending between four and seven per cent of their IT budgets on IT security, lower in the range if they have mature systems, higher if they are wide open and at risk, it added.
"Clients want to know if what they are spending on information security is equivalent to others in their industry, geography and size of business in order to evaluate whether they are practicing due diligence in security and related programmes," said Rob McMillan, Research Director at Gartner, in a statement.
IT security spending ranges from approximately one per cent to 13 per cent of the IT budget and is potentially a misleading indicator of programme success.
The majority of organisations will continue to misuse average IT security spending figures as a proxy for assessing security posture through 2020, the report added.