Worldwide spending on information security products and services will reach $81.6 billion in 2016, an increase of 7.9 percent over 2015, according to the latest forecast from Gartner.
Consulting and IT outsourcing are currently the largest categories of spending on information security. Until the end of 2020, the highest growth is expected to come from security testing, IT outsourcing and data loss prevention (DLP).
Preventive security will continue to show strong growth, as many security practitioners continue to have a buying preference for preventive measures. However, solutions such as security information and event management (SIEM) and secure web gateways (SWGs) are evolving to support detection-and-response approaches. Gartner expects the SWG market will maintain its growth of 5 to 10 percent through 2020 as organisations focus on detection and response.
“Organisations are increasingly focusing on detection and response, because taking a preventive approach has not been successful in blocking malicious attacks,” said Elizabeth Kim, senior research analyst, Gartner. “We strongly advise businesses to balance their spending to include both.”
She added that security spending will become increasingly service-driven as organisations continue to face staffing and talent shortages. Managed detection and response (MDR) is emerging, with demand coming from organisations struggling to deploy, manage and use an effective combination of expertise and tools to detect threats, and then bring their environment back to a known good state. This is particularly true for targeted advanced threats and insider threats. With more MDR providers emerging targeting the midmarket, Gartner foresees these services being an additional driver for security spending for both large and smaller organisations.
According to Gartner, spending in security markets such as consumer security software, secure email gateways (SEGs) and endpoint protection platforms (EPPs) continues to show constrained growth due to commoditisation.