Security spending rockets amid tighter rules and growing fear
Worried cybersecurity professionals are spending more than ever on protecting their businesses, Gartner has found.
$96.3 billion (approx. £72 billion) will be spent on security around the world in 2018, according to the research firm.
Stricter regulations and a growing awareness of security risks are the main reasons why security departments are reaching for the wallet more often.
“Overall, a large portion of security spending is driven by an organization’s reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide,” said Ruggero Contu, research director at Gartner.
“Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years.”
Businesses told Gartner that the risk of a security breach most strongly influences security spending. As a result of this, security testing, IT outsourcing and security information and event management are predicted to be the fastest-growing security segments.
Within these subsegments, identity access management spending is expected to rise to $4.7 billion, infrastructure protection to $17.4 billion and network security equipment to $11.6 billion. However, security services take the lion’s share of budgets, with $57.7 billion forecast to be spent next year, compared to $53 billion in 2017.
New regulations and laws are having a major impact on the way companies spend their security budgets. In the U.S., regulations such as the Health Insurance Portability and Accountability Act have been introduced, while China implemented the Cybersecurity Law in 2016. In Europe, the GDPR is looking to be a major stumbling block for many companies, with the threat of severe fines looming over them.
In a likely attempt to alleviate these fears, it is expected that by 2020, 60% of organisations will use an array of data security tools such as data loss prevention, encryption and data-centric audit and protection tools, compared to just one third that do so now.