Global infosec spending to top $114bn in 2018, says Gartner

Gartner forecasts that worldwide spending on information security products and services will exceed $114bn in 2018, up 12.4% from last year

The market is expected to grow 8.7% in 2019 to $124bn, driven in part by spending on consultation and implementation services related to the European Union’s (EU’s) General Data Protection Regulation (GDPR) and other privacy legislation.  

“Security leaders are striving to help their organisations use technology platforms securely to become more competitive and drive growth for the business,” said Siddharth Deshpande, research director at Gartner.

“Persisting skills shortages and regulatory changes like the EU’s GDPR are driving continued growth in the security services market,” he said.

A 2017 Gartner survey revealed that the top drivers for security spending are security risks, business needs, industry changes and privacy concerns.

Gartner believes privacy concerns will drive at least 10% of market demand for security services through 2019 and will impact a variety of segments, such as identity and access management (IAM), identity governance and administration (IGA) and data loss prevention (DLP).

According to Deshpande, highly publicised data breaches – such as the attack on SingHealth that compromised the personal health records of 1.5 million patients in Singapore – reinforce the need to view sensitive data and IT systems as critical infrastructure.

“Security and risk management has to be a critical part of any digital business initiative,” he said.

In addition to privacy regulations such as the GDPR, Gartner expects an increased focus on building detection and response capabilities and the need to address digital business risks to be the main drivers for global security spending in 2019.

Specifically, Gartner predicts that at least 30% of organisations will spend on GDPR-related consulting and implementation services through 2019.

Meanwhile, risk management and privacy concerns in digital transformation initiatives are expected to drive additional security service spending through 2020 for more than 40% of organisations, while subscription and managed services are expected to represent at least 50% of security software delivery by 2020.

Security as a service is on the way to surpassing on-premises deployments, and hybrid deployments are enticing buyers, with a large portion of respondents to Gartner’s security buying behaviour survey saying they plan to deploy specific security technologies, such as security information and event management (SIEM), in a hybrid deployment model in the next two years. Managed security services represented roughly 24% of deployments, on average.

“On-premise deployments are still the most popular, but cloud-delivered security is becoming the preferred delivery model for a number of technologies,” said Deshpande.

Despite the move to cloud for security and other services, Gartner data shows that spending on securing cloud deployments is still the lowest out of 10 market segments at $304m in 2018.

Spending on application security also remains relatively low at $2.7bn, despite reported increase in attacks at the application level as operating systems become more difficult to attack. Although application security spending is expected to increase nearly 9.5% to just over $3bn in 2019, it is expected to remain the lowest-ranking category of spending.

At the top end of the scale is security services at $58.9bn, which is expected to increase 9% to $64.2bn in 2019. This is followed by infrastructure protection ($14.1bn), network security ($12.4bn) and identity and access management ($4.3bn).