This clearly reflects New Zealand organisations’ maturing understanding of the security governance approach required when undertaking a digital journey, reports IDC.
IDC's latest New Zealand Managed Security Services research shows managed security (off-premises) is going to be the land of opportunity for the next 12 to 24 months.
Over this time, IDC expects the amount of businesses that use hosted security services to rise multi-fold.
It foresees usage of traditional hosted security services to jump from roughly 28 per cent to 79 per cent while usage of advanced security will increase from around 17 per cent up to 69 per cent.
Only a quarter of New Zealand firms have no plans of shifting either traditional security (e.g. firewall, DDoS, secure web gateway) or advanced security (e.g. APT, incident response services) from CPE-based (customer-premises equipment) to hosted-based environments.
This is in stark contract with the current rate of security outsourcing in the country. Only 35 per cent of organisations engage third parties to manage their security – one of the lowest rates in Asia-Pacific region.
Underlying these trends, the prevailing business theme in New Zealand continues to be to shift away from capital expenditure to leasing and ‘X-as-a-Service’ consumption models. Following the pressure from CEO and CFO offices, IT executives are compelled to place higher focus on measurable business outcomes of IT investment.
"CIO objectives include not only a dollar-value cost reduction, but also the quantifiable and time-bounded impact of IT on productivity, R&D, and communication between staff and external parties," Donnie Krassiyenko, security analyst, IDC New Zealand, says in a statement.
The prevailing business theme continues to be to shift away from capital expenditure to leasing and ‘X-as-a-Service’ consumption models.
"This is where IT buyers should work with their IT partners to create security adoption roadmaps that their organisation can be assessed against over time. The roadmap further assists in identifying the next step toward security maturity and to build a strong business case for justification of IT budgets.
“Interestingly, government agencies act as a spearhead for security adoption, showing one of the highest interests in managed security and business continuity/disaster recovery (BCDR) as desired business outcomes".
In light of cost management and cash preservation sentiments, Krassiyenko notes it is interesting that roughly every second company, which engage in managed security services, did not experience significant annual savings in the last 12 months.
While almost 30 per cent did not realise any savings at all and 24 per cent ended up with an increase in cost, only 46 per cent actually managed to reduce costs. Despite such discouraging results, a vast majority (77 per cent) expects future savings of up to 20 per cent per annum.
"IDC believes that every New Zealand organisation’s leadership team and board should be considering the risk associated to the business during the digital transformation journey,” states Adam Dodds, cloud research director, IDC New Zealand. “The opportunities are great, but the risk can sometimes be greater and assessing that risk is critical.”
“First, how do we value our data and how will it change the value of our business (leading to where it should reside), and, secondly, how protected is our information for tomorrow's world (leading to are we capable of doing it ourselves)?
Read more: 'How to take the mind-set of a startup’
“We have no doubt that the intent to invest with external providers is a reflection of this process and the cost benefits are a reflection of underinvestment to date," concludes Dodds.
Send news tips and comments to firstname.lastname@example.org
Follow Divina Paredes on Twitter: @divinap
Follow CIO New Zealand on Twitter:@cio_nz
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.