SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Malicious attacks to drive surge in cybersecurity spending for 2018
Mon, 11th Dec 2017
FYI, this story is more than a year old

Relentless advances in cybercrime has resulted in a positive spin for the cybersecurity market.

Gartner has predicted worldwide security spending to total US$96.3 billion in 2018, an increase of 8 percent from 2017.

The main drivers of this increase is the implementation of various new regulations, shifting buyer mindset, awareness of emerging threats and the evolution of a digital business strategy.

"Overall, a large portion of security spending is driven by an organisation's reaction toward security breaches as more high profile cyberattacks and data breaches affect organisations worldwide," says Ruggero Contu, research director at Gartner.

"Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years."

Gartner's 2016 security buying behaviour survey validates this point, as of the 53 percent of organisations that cited security risks as the top driver for overall security spending, the majority cited a security breach as the main security risk that influences their spending.

Because of this, Gartner believes, security testing, IT outsourcing and security information and event management (SIEM) will be among the fastest-growing security subsegments driving growth in the infrastructure protection and security services segments.

However, there are several other factors that are fuelling higher security spending.

Regulatory compliance and data privacy is one, with the most recent enforcement being the General Data Protection Regulation (GDPR) that is coming into effect on May 28 2018. While being based in Europe, it is also set to have a global effect as it affects anyone holding European data.

Gartner says these regulations translate translate into increased spending, particularly in data security tools, privileged access management and SIEM.

According to Gartner, more than 60 percent of organisations (up from 35 percent today) will invest in multiple data security tools like data loss prevention, encryption and data-centric audit and protections tools.

The automation and outsourcing industries will continue to thrive with technical complexity and the skills shortage being the main drivers.

“Skill sets are scarce and therefore remain at a premium, leading organisations to seek external help from security consultants, managed security service providers and outsourcers," says Contu.

"In 2018, spending on security outsourcing services will total $18.5 billion, an 11 percent increase from 2017. The IT outsourcing segment is the second-largest security spending segment after consulting."

Gartner has forecast that by 2019 total enterprise spending on security outsourcing services will make up 75 percent of the spending security software and hardware products, up from 63 percent in 2016.

One of the main drivers of the security market over the next five years is the transition of enterprise security budgets towards detection and response.

"This increased focus on detection and response to security incidents has enabled technologies such as endpoint detection and response, and user entity and behaviour analytics to disrupt traditional markets such as endpoint protection platforms and SIEM," concludes Contu.