Global enterprise spending on information security is set to continue on its upward trajectory in the coming year, as it’s predicted to go up by over 8% year-on-year to a total of $96.3 billion.
This is according to the latest forecast from Gartner, which chalks up the projected increase to a confluence of factors at play, to wit “regulations, shifting buyer mindset, awareness of emerging threats and the evolution to a digital business strategy”.
Overall, much of security spending is fueled by “an organization's reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide," according to Gartner’s research director, Ruggero Contu.
As a case in point, he pointed to cyberattacks such as WannaCryptor (aka WannaCry) and Diskcoder.C (aka NotPetya) and to security breaches such as that involving Equifax, which “have a direct effect on security spend".
Increases across the board
Source: Gartner (Dec 2017)
A breakdown of the ‘spending pie’ shows that the ‘security services’ segment is projected to make up nearly 60% of the total IT security budgets, followed by the ‘infrastructure protection’ segment on a little over 18%.
Regulatory compliance and data privacy, particularly in the US, China and Europe, have spurred on higher spending on information security over the last three years, according to Gartner. This represents a trend that is here to stay as, notably, the EU General Data Protection Regulation (GDPR) is coming into force in less than six months.
Data security in general will be given increasingly greater weight, as Gartner’s analysts predict that by 2020, over 60% of organizations will use multiple data security tools, such as data loss prevention, encryption, and data-centric audit and protections tools. This represents an increase from just over one-third at present.
Given the shortage of skills, technical complexity, and the threat landscape as a whole, automation and outsourcing services are also viewed as areas of growth in security spending.
"Skill sets are scarce and therefore remain at a premium, leading organizations to seek external help from security consultants, managed security service providers and outsourcers," Contu is quoted as saying.
Organizations are projected to spend $18.5 billion on security outsourcing services next year, up 11% from this year.
