Security solutions and spending also often includes the security people operating the solutions. And just one of them can easily be almost $200,000 a pop, not necessarily in salary, but in benefits, salary, and even getting a headhunter to find one.
As far as security software, that's pretty expensive too, but varies based on your level of security. I've seen packages that keep the records of every keystroke made on every server that you connect to it. Real Big Brother types of packages. That easily costs more than $200,000 a pop.
Also note that if you work at a smaller company that uses a certain piece of software that isn't very expensive for you because you have few heads and few computers to secure, that same package becomes much, much more expensive for big companies due to their scale, and even with deep discounting. I have to work with Fortune 100 companies in integrating with their security, and while it is not always inspiring to see their level of competence, it is very easy to see that they spend a shitload of money on what they have because they have high visibility and complex environments.