Research firm Gartner has predicted that worldwide enterprise security spending will reach US$96.3 billion in 2018, an increase of 8% from 2017.
Changing buyer mindset, an awareness of emerging threats and the evolution to a digital business strategy mean that organisations are spending more on security, Gartner says.
“Overall, a large portion of security spending is driven by an organisation's reaction toward security breaches as more high profile cyberattacks and data breaches affect organisations worldwide,” said Ruggero Contu, research director at Gartner. “Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years.”
Security testing, IT outsourcing and security information and event management (SIEM) will be among the fastest-growing security subsegments driving growth in the security services segments.
Regulatory compliance and data privacy have also been stimulating security spending over the past three years. The General Data Protection Regulation which will come into force on 28 May 2018, and the Cybersecurity Law in China that came into effect in June 2016, have resulted in increased spending, particularly in data security tools, privileged access management and SIEM.
Gartner forecasts that by 2020, over 60% of organisations will invest in multiple data security tools such as data loss prevention, encryption and data-centric audit and protections tools.
Skills shortages, technical complexity and the threat landscape will continue to drive the move to automation and outsourcing.
“Skill sets are scarce and therefore remain at a premium, leading organisations to seek external help from security consultants, managed security service providers and outsourcers,” said Contu. “In 2018, spending on security outsourcing services will total $18.5 billion, an 11% increase from 2017. The IT outsourcing segment is the second-largest security spending segment after consulting.”
Gartner predicts that by 2019, total enterprise spending on security outsourcing services will make up 75% of the spending on security software and hardware products, and increase from 63% in 2016.
“This increased focus on detection and response to security incidents has enabled technologies such as endpoint detection and response, and user entity and behaviour analytics to disrupt traditional markets such as endpoint protection platforms and SIEM,” said Contu.