Forecast on information security spending

Spending on information security products and services will grow 12.4 percent to $114 billion plus in 2018 and increase 8.7 percent to $124 billion in 2019, according to Gartner.
Security spending forecast by GartnerSkills shortages and regulatory changes like EU’s Global Data Protection Regulation (GDPR) are driving growth in the security services market.

Security risks, business needs and industry changes are the top three drivers for security spending.

Privacy concerns, which are also becoming a key factor, will drive at least 10 percent of market demand for security services through 2019 and will impact a variety of segments, such as identity and access management (IAM), identity governance and administration (IGA) and data loss prevention (DLP).

Popular data breaches, like the recent attack on SingHealth that compromised the personal health records of 1.5 million patients in Singapore, reinforce the need to view sensitive data and IT systems as critical infrastructure, said Siddharth Deshpande, research director at Gartner.

An increased focus on building detection and response capabilities, privacy regulations such as GDPR, and the need to address digital business risks are the main drivers for global security spending through 2019.

Organizations are continuing their journey toward compliance with the GDPR that has been in effect since 25 May 2018. Implementing, assessing and auditing the business processes related to the GDPR are expected to be the core focus of security service spending for EU-based organizations, and for those whose customers and employees reside there.

Risk management and privacy concerns within digital transformation initiatives will drive additional security service spending through 2020 for more than 40 percent of organizations.

Consulting and implementation service providers have retooled their service offerings over the past several years to support customers on their digital transformation journey.

Security is a key factor in the uptake of that transformation process for regulated data, critical operations and intellectual property protection spanning public cloud, SaaS and the use of Internet of Things (IoT) devices.

Services (subscription and managed) will represent at least 50 percent of security software delivery by 2020.