Gartner: Security spending to hit $96B in 2018, here’s where CXOs are making the biggest investments

7 months ago

Massive cyberattacks and data breaches are driving companies worldwide to increase cybersecurity spending to $96 billion in 2018—up 8% over 2017, according to a new research forecast from Gartner.

Organizations will also spend more on security due to new regulations such as the General Data Protection Regulation (GDPR), a shifting buyer mindset, an increased awareness of emerging threats, and the overall evolution to a digital business strategy, Gartner found.

“Overall, a large portion of security spending is driven by an organization’s reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide,” Ruggero Contu, research director at Gartner, said in a press release. “Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years.”

SEE: Information security incident reporting policy (Tech Pro Research)

In a previous Gartner security buying behavior survey, 53% of organizations cited security risks as the no. 1 driver for overall security spending, with the majority saying that a breach was the main risk influencing this spending.

In 2018, security testing, IT outsourcing, and security information and event management (SIEM) will be among the fastest-growing security areas driving growth in this industry, Gartner found.

Another security spending driver is the number of new regulatory compliance and data privacy laws taking effect, including the Health Insurance Portability and Accountability Act and the National Institute of Standards and Technology in the US, and GDPR in Europe. These regulations have led to spending increases on data security tools, privileged access management, and SIEM, Gartner noted.

By 2020, more than 60% of organizations will invest in several data security tools, such as data loss prevention, encryption, and data-centric audit and protections tools, Gartner predicted. This represents a 35% increase from today’s investments in such products.

However, skills shortages, technical complexity, and the growing threat landscape will continue to drive organizations to seek automated and outsourced security solutions.

“Skill sets are scarce and therefore remain at a premium, leading organizations to seek external help from security consultants, managed security service providers and outsourcers,” Contu said in the release. “In 2018, spending on security outsourcing services will total $18.5 billion, an 11 percent increase from 2017. The IT outsourcing segment is the second-largest security spending segment after consulting.”

By 2019, total enterprise spending on security outsourcing services will represent 75% of the spending on security software and hardware—up from 63% in 2016, Gartner predicted.

Meanwhile, company security budgets will also shift to focus on detection and response, which will drive growth in this market over the next five years, according to Gartner.

“This increased focus on detection and response to security incidents has enabled technologies such as endpoint detection and response, and user entity and behavior analytics to disrupt traditional markets such as endpoint protection platforms and SIEM,” Contu said in the release.

To learn about some of the top cyber threats facing the enterprise in 2018, including ransomware and Internet of Things (IoT) risks, click here.

Want to use this data in your next business presentation? Feel free to copy and paste these top takeaways into your next slideshow.

  • Cybersecurity spending worldwide is predicted to reach $96 billion in 2018—up 8% over 2017. -Gartner, 2017
  • By 2019, total enterprise spending on security outsourcing services will represent 75% of the spending on security software and hardware—up from 63% in 2016. -Gartner, 2017
  • By 2020, more than 60% of organizations will invest in several data security tools, such as data loss prevention, encryption and data-centric audit and protections tools. -Gartner, 2017
Image: iStockphoto/Stadtratte

Also see

Richard J. Daniels