Spam and malicious attacks will rise over the next three years presenting IT departments with bigger security concerns than ever before, says analyst IDC.

IT security spending is set to almost double from 2.5 per cent of overall technology spending to four per cent within the next four years, while spam is will increase from 17 billion emails today to 23 billion by 2007.

'Almost half of emails will be spam related in the future,' said Thomas Raschke, IDC's program manager for European security products and strategies, speaking at the analyst's 2004 Security Conference in London last week.

'On average employees will use 10 minutes of their day identifying spam and getting rid of it. When you add this up businesses face massive losses connected to it,' he said.

Rather than developing a reliance on new security products, IT directors need to realise the importance of enforcing security policies and run a risk analysis every month, especially when implementing higher risk technologies, such as mobile policies and peer-to-peer projects, says Raschke.

'Security policies need to be checked and re-evaluated constantly. Firms should build in rules governing what people can access using the corporate network - it's often an overlooked part of the business,' he says.

But by undertaking proper risk analysis organisations may discover parts of the business that require less IT security spending than others.

'Not everything needs to be one hundred per cent secure, for instance lots of information is shared with partners and customers on the internet,' said Raschke.

A growth in malicious attacks, viruses and spyware will also lead to a 15.4 per cent increase in security software spending over the next four years, with firms investing more on intrusion detection, secure content management, firewall and VPN software.

'It is easy to create maximum damage to systems with little effort these days, it's as simple as going to an internet site and loading virus writing tools,' said Raschke.

IDC also predicts spending on security hardware appliances will also grow by 23 per cent between 2003 and 2008, as IT departments look for methods to monitor all areas of IT security.