Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

Gartner: IT Security Spending to Reach $96 Billion in 2018

Identity access management and security services to drive worldwide spending growth.

Worldwide IT security spending is expected to climb 8% next year to $96.3 billion, fueled by investments in identity access management and security services – two areas on tap to rise faster than the overall spending growth rate, according to a Gartner report released this week.

Identity access management (IAM), the smallest slice in the overall IT security spending pie, is expected to jump 9.7% to $4.7 billion in 2018 over the previous year, the report states. Rising regulatory compliance and data privacy requirements over the past three years are driving demand for IAM products and services across the globe, according to the report, which points to the EU General Data Protection Regulation (GDPR) as one example.

Security services, the largest slice of the spending pie, is projected to increase 8.8% to $57.7 billion in 2018, compared with the previous year, Gartner reports. This spending jump is fueled by a skills shortage, growing threat landscape, and complexity in managing IT security, the report finds.

And within the security services sector, spending on outsourcing services is expected to jump 11% to $18.5 billion in 2018.

"Skill sets are scarce and therefore remain at a premium, leading organizations to seek external help from security consultants, managed security service providers, and outsourcers," Ruggero Contu, Gartner research director, said in a statement.

 

Worldwide spending on infrastructure protection is expected to rise 7.7% year-over-year in 2018, aided by demand for security testing and security information and event management (SIEM) technologies and services, according to the report.

Network security equipment spending is expected to increase 6.7% in 2018, compared with the previous year, while consumer security software is expected to tick up a mere 2.4% in the same time period.

"Overall, a large portion of security spending is driven by an organization's reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide," Contu said. "Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years."

Despite the projected 8% increase in IT security spending in 2018, High-Tech Bridge CEO Ilia Kolochenko does not believe it is enough.

"In light of the ubiquitous penetration of all types of technology into our everyday life, skyrocketing attacks against SCADA, and emerging IoT botnets, the growth of worldwide security spending seems to be very slow and inadequate to cover at least the most important risks," says Kolochenko in a statement.

By 2020, Gartner forecasts more than 60% of organizations will have multiple data security tools, such as, data loss prevention, encryption, and data-centric audit and protection tools. That will be nearly double the 35% penetration rate for multiple data security tools today, the report notes.

Enterprises, meanwhile, are projected to shift their budgets toward detection and response solutions, which will drive IT security spending even further over the next five years, Gartner reports.

"This increased focus on detection and response to security incidents has enabled technologies such as endpoint detection and response, and user entity and behavior analytics to disrupt traditional markets such as endpoint protection platforms and SIEM," Contu says.

Related Content:

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.