Operations

12/8/2017
12:15 PM
50%
50%

Gartner: IT Security Spending to Reach $96 Billion in 2018

Identity access management and security services to drive worldwide spending growth.

Worldwide IT security spending is expected to climb 8% next year to $96.3 billion, fueled by investments in identity access management and security services – two areas on tap to rise faster than the overall spending growth rate, according to a Gartner report released this week.

Identity access management (IAM), the smallest slice in the overall IT security spending pie, is expected to jump 9.7% to $4.7 billion in 2018 over the previous year, the report states. Rising regulatory compliance and data privacy requirements over the past three years are driving demand for IAM products and services across the globe, according to the report, which points to the EU General Data Protection Regulation (GDPR) as one example.

Security services, the largest slice of the spending pie, is projected to increase 8.8% to $57.7 billion in 2018, compared with the previous year, Gartner reports. This spending jump is fueled by a skills shortage, growing threat landscape, and complexity in managing IT security, the report finds.

And within the security services sector, spending on outsourcing services is expected to jump 11% to $18.5 billion in 2018.

"Skill sets are scarce and therefore remain at a premium, leading organizations to seek external help from security consultants, managed security service providers, and outsourcers," Ruggero Contu, Gartner research director, said in a statement.

 

Worldwide spending on infrastructure protection is expected to rise 7.7% year-over-year in 2018, aided by demand for security testing and security information and event management (SIEM) technologies and services, according to the report.

Network security equipment spending is expected to increase 6.7% in 2018, compared with the previous year, while consumer security software is expected to tick up a mere 2.4% in the same time period.

"Overall, a large portion of security spending is driven by an organization's reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide," Contu said. "Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years."

Despite the projected 8% increase in IT security spending in 2018, High-Tech Bridge CEO Ilia Kolochenko does not believe it is enough.

"In light of the ubiquitous penetration of all types of technology into our everyday life, skyrocketing attacks against SCADA, and emerging IoT botnets, the growth of worldwide security spending seems to be very slow and inadequate to cover at least the most important risks," says Kolochenko in a statement.

By 2020, Gartner forecasts more than 60% of organizations will have multiple data security tools, such as, data loss prevention, encryption, and data-centric audit and protection tools. That will be nearly double the 35% penetration rate for multiple data security tools today, the report notes.

Enterprises, meanwhile, are projected to shift their budgets toward detection and response solutions, which will drive IT security spending even further over the next five years, Gartner reports.

"This increased focus on detection and response to security incidents has enabled technologies such as endpoint detection and response, and user entity and behavior analytics to disrupt traditional markets such as endpoint protection platforms and SIEM," Contu says.

Related Content:

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
To Click or Not to Click: The Answer Is Easy
Kowsik Guruswamy, Chief Technology Officer at Menlo Security,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19301
PUBLISHED: 2018-11-15
tp4a TELEPORT 3.1.0 allows XSS via the login page because a crafted username is mishandled when an administrator later views the system log.
CVE-2018-5407
PUBLISHED: 2018-11-15
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
CVE-2018-14934
PUBLISHED: 2018-11-15
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.
CVE-2018-14935
PUBLISHED: 2018-11-15
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.
CVE-2018-16619
PUBLISHED: 2018-11-15
Sonatype Nexus Repository Manager before 3.14 allows XSS.