Story image

Cybersecurity spend tops $37b, but still only a fraction of IT investment

01 Apr 2019

In the last quarter of 2018 organisations spent more than US$10 billion (NZ$14.7 billion) on cybersecurity – the highest levels ever, according to Canalys estimates. 

In 2018, total cybersecurity investment reached US$37 billion (NZ$54.3 billion). That number is expected to exceed US$42 billion by 2020.

But as spend continues to increase, cybersecurity only represents 2% of total IT expenditure, even as organisations increase protection against malicious threats and keep in line with data compliance regulations.

“Over the next two years, the transition in cybersecurity deployment models will accelerate. Customers are changing their IT buying behaviour, with the adoption of public cloud, and flexible consumption and subscription services,” say Canalys Principal Analyst Matthew Ball. 

Canalys data also shows that in 2018 traditional hardware and software deployment accounted for 82% of the cybersecurity market. The remaining 18% was deployment of virtual appliances and agents, procurement through public cloud marketplaces and subscriptions to cybersecurity as a service.

Canalys names Cisco, Palo Alto Networks, Barracuda and Check Point as some of the top cybersecurity vendors.

“The leading cybersecurity vendors have embraced new deployment models, with each in the process of transitioning their businesses to more subscription-based revenue and increasing transactions via cloud marketplaces,” says Canalys Research Analyst Ketaki Borade.

“Cisco, Palo Alto Networks, Barracuda and Check Point are also the top cybersecurity vendors on the leading public cloud marketplace, AWS Marketplace, selling their virtual offerings on a per hour and annual basis. This is still a small part of their overall business, but is the fastest growing area.” 

“Barracuda Networks, Trend Micro and F5 Networks also have a strong presence on cloud marketplaces, highlighting their early move to adopt new deployment models.”

In Q4 2018, Cisco remained the overall worldwide market leader, growing its share from the previous year to just under 10%. Palo Alto Networks grew faster but remained in second place with 7%. Check Point, Fortinet, IBM and Symantec each had 6% market share in Q4. Overall, the top 10 cybersecurity vendors collectively represented 53% of shipments during this period, with the next 20 accounting for 21%.

Cybersecurity quarterly estimate and forecast data is taken from Canalys’ Cybersecurity Analysis service. Estimates include network security, endpoint security, web and email security, data security and vulnerability and analytics security. The subscription service tracks the transition of deployment options from hardware and software to services, public cloud workloads and virtual appliances/agents by channel and end user size.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.
65% of manufacturers run outdated operating systems – Trend Micro
The report highlights the unique triple threat facing manufacturing, including the risks associated with IT, OT and IP.
WikiLeaks' Julian Assange arrested in London
There’s little doubt that it’s a day of reckoning for WikiLeaks cofounder Julian Assange today, after his seven-year long protection inside London’s Ecquador Embassy came to an abrupt end.