A Gartner forecast says despite significant growth, cloud security will remain a small fraction of the overall market
Security services now account for more than half of the overall security spending in the enterprise and will remain that way for the next two years, according to data on worldwide spending on information security, released by Gartner.
Garter says overall security spending will grow by 22% between last year and 2019 and will reach USD 124 billion in that year, up from USD 101 billion last year. The research firm says this year the spending will be USD 114 billion.
While security services would account for 52% of the total security spending, traditional segments like infrastructure security and network security will account for 12% and 11% respectively. The spending mix is not likely to change much between 2017 and 2019, despite a significant rise in spend in cloud security, which still accounts for a very small fraction of the overall security spend.
Between 2017 and 2019, spending on cloud security will more than double to USD 459 million while data security too will register a significant growth, recording a growth of 37% from between last year and 2019. Most other enterprise security segments will grow around 20-25%, according to Gartner frecast.
"Security leaders are striving to help their organizations securely use technology platforms to become more competitive and drive growth for the business," says Siddharth Deshpande, research director at Gartner. "Persisting skills shortages and regulatory changes like the EU’s Global Data Protection Regulation (GDPR) are driving continued growth in the security services market."
A 2017 Gartner survey had revealed that the top three drivers for security spending are (1) security risks; (2) business needs; and (3) industry changes. Privacy concerns are also becoming a key factor.
“Privacy concerns will drive at least 10 percent of market demand for security services through 2019 and will impact a variety of segments, such as identity and access management (IAM), identity governance and administration (IGA) and data loss prevention (DLP),” the company says.
‘Highly publicized data breaches, like the recent attack on SingHealth that compromised the personal health records of 1.5 million patients in Singapore, reinforce the need to view sensitive data and IT systems as critical infrastructure,” says Deshpande.
An increased focus on building detection and response capabilities, privacy regulations such as GDPR, and the need to address digital business risks are the main drivers for global security spending through 2019.
Some of the key trends identified by the research firms are
- At least 30 percent of organizations will spend on GDPR-related consulting and implementation services through 2019. Organizations are continuing their journey toward compliance with the GDPR that has been in effect since 25 May 2018. Implementing, assessing and auditing the business processes related to the GDPR are expected to be the core focus of security service spending for EU-based organizations, and for those whose customers and employees reside there.
- Risk management and privacy concerns within digital transformation initiatives will drive additional security service spending through 2020 for more than 40 percent of organizations. Consulting and implementation service providers have retooled their service offerings over the past several years to support customers on their digital transformation journey. Security is a key factor in the uptake of that transformation process for regulated data, critical operations and intellectual property protection spanning public cloud, SaaS and the use of Internet of Things (IoT) devices.
- Services (subscription and managed) will represent at least 50 percent of security software delivery by 2020. Security as a service is on the way to surpassing on-premises deployments, and hybrid deployments are enticing buyers. A large portion of respondents to Gartner’s security buying behavior survey said they plan to deploy specific security technologies, such as security information and event management (SIEM), in a hybrid deployment model in the next two years. Managed services represented roughly 24 percent of deployments, on average.