New regulations, increased awareness of new threats and increasing adoption of digital business strategies will drive worldwide enterprise spending on data security to $96.3 billion next year, an increase of 8% over 2017 spending.
The estimate comes from Gartner and was released last week, based on survey results from 512 respondents in eight countries.
Gartner research director Ruggero Contu, said:
Overall, a large portion of security spending is driven by an organization’s reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide. Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend, because these types of attacks last up to three years.
The largest increases are forecast for security testing, IT outsourcing and security information and event management (SEIM). Consumer security software growth is forecast to rise by just over 2% to $4.76 billion, while security services is forecast to rise about 8.8% to $57.72 billion.
Major regulatory changes in Europe, China, India and the United States are principal drivers of the spending increase. Along with SEIM investment, Gartner expects more spending on data security tools and privileged access management.
Security outsourcing is forecast to rise by 11% year over year to $18.5 billion. Contu explained:
Skill sets are scarce and therefore remain at a premium, leading organizations to seek external help from security consultants, managed security service providers and outsourcers. … The IT outsourcing segment is the second-largest security spending segment after consulting.
By 2019, Gartner expects total enterprise spending on security outsourcing services to reach 75% of total spending on software and hardware products, up from 63% in 2016.
At least one security expert doesn’t think the increase is large enough. Ilia Kolochenko, CEO of High-Tech Bridge, told Dark Reading:
In light of the ubiquitous penetration of all types of technology into our everyday life, skyrocketing attacks against SCADA, and emerging IoT botnets, the growth of worldwide security spending seems to be very slow and inadequate to cover at least the most important risks.