It's good news for those in the security business, according to Gartner at least. It is predicting that security software and services spending will outpace other IT spending areas in 2010. The Gartner report suggests that security software budgets will grow by approximately 4% in 2010, while security services budgets will grow almost 3%.

Earlier this year Gartner surveyed more than 1,000 IT professionals with budget responsibility worldwide to determine their budget-planning expectations for 2010 and the results form the basis of this new report.

"In the current highly uncertain economic environment, with overall IT budgets shrinking, even the modest spending increases indicated by the survey shows that security spending accounts for a higher percentage of the IT budget," said Adam Hils, principal research analyst at Gartner. "Security decision makers should work to allocate limited budgets based on enterprise-specific security needs and risk assessments."

Specific areas of projected security-related software spending growth in 2010 includes security information and event management (SIEM), e-mail security, URL filtering, and user provisioning. The continued, comparatively strong emphasis on security extends beyond software. The survey showed that security services spending will also outpace spending in other services areas, with budgets expected to grow 2.74 per cent in 2010. This anticipated increase is being driven in part by a growing movement towards managed security services, cloud-based e-mail/web security solutions, and third-party compliance-related consulting and vulnerability audits and scans.

"When evaluating and planning 2010 security budgets, organisations should work to achieve a realistic view of current spending and recognise that it may be impossible to capture all security-related spending because of organisationally diffused security budgets," said Ruggero Contu, principal research analyst at Gartner. "Businesses should also recognise that new threats or vulnerabilities may require security spending that exceeds the amounts allocated, and should consider setting aside up to 15 per cent of the IT security budget to address the potential risks and impact of such unforeseen issues."