Worldwide security spending is expected to total $96.3 billion in 2018, an increase of 8 percent from 2017, according to Gartner.
Organizations are spending more on security as a result of regulations, shifting buyer mindset, awareness of emerging threats and the evolution to a digital business strategy. A large portion of this is driven by the reaction to security breaches.
Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years, says Ruggero Contu, research director at Gartner.
More than half of the organizations (53 percent) from the survey cited security risks as the top driver for overall security spending. As a result, security testing, IT outsourcing and security information and event management (SIEM) will emerge as the fastest-growing security sub segments driving growth in the infrastructure protection and security services segments (see Table 1).
Other factors which fuel security spending include growing regulatory compliance requirements and data privacy concerns. Recent changes in regulations in the Europe, the U.S., India and China have impacted the security spending, especially in data security tools, privileged access management and SIEM.
Gartner forecasts that by 2020, more than 60 percent of organizations will invest in multiple data security tools such as data loss prevention, encryption and data-centric audit and protections tools, up from approximately 35 percent today.
Skills shortages, technical complexity and the threat landscape will continue to drive the move to automation and outsourcing. In 2018, spending on security outsourcing services will total $18.5 billion, an 11 percent increase from 2017. The IT outsourcing segment is the second-largest security spending segment after consulting.
Gartner predicts that by 2019, total enterprise spending on security outsourcing services will be 75 percent of the spending on security software and hardware products, up from 63 percent in 2016.
Enterprise security budgets are also shifting towards detection and response, and this trend will drive security market growth during the next five years.