Worldwide spending on information security will reach $71.1bn in 2014, an increase of 7.9% over 2013, with the data loss prevention segment recording the fastest growth at 18.9%, according to the latest forecast from Gartner. Total information security spending will grow a further 8.2% in 2015 to reach $76.9bn.
Gartner said the increasing adoption of mobile, cloud, social and information (the Nexus of Forces) will drive use of new security technology and services through 2016. “This Nexus of Forces is impacting security in terms of new vulnerabilities,” says Gartner research director Lawrence Pingree. “It is also creating new opportunities to improve effectiveness, particularly as a result of better understanding security threats by using contextual information and other security intelligence.”
The bigger trend that emerged in 2013 was the democratisation of security threats, driven by the easy availability of malicious software (malware) and infrastructure (via the underground economy) that can be used to launch advanced targeted attacks.
It also says that by 2015, roughly 10% of overall IT security enterprise product capabilities will be delivered in the cloud. A significant number of security markets are being impacted by newly emerged delivery models. This is resulting in the growth of cloud-based security services, which are transforming, to different degrees, the way security is supplied and consumed by customers. More than 30% of security controls deployed to the small or midsize business (SMB) segment will be cloud-based by 2015.
Regulatory pressure will increase in Western Europe and Asia/Pacific from 2014. Regulatory compliance has been a major factor driving spending on security in the last three years, particularly in the US. Gartner expects this influence to accelerate from 2014.
By year-end 2015, about 30% of infrastructure protection products will be purchased as part of a suite offering. The presence of highly mature and commoditising technologies, such as endpoint protection platform(EPP) and email security, will be contrasted by growth opportunities offered by segments such as security information and event management, data loss prevention (DLP)and emerging technologies within the "other security" segment.
By 2018, more than half of organisations will use security services firms that specialise in data protection, security risk management and security infrastructure management to enhance their security postures. Many organisations continue to lack the appropriate skills necessary to define, implement and operate appropriate levels of data protection and privacy-specific security controls.
Mobile security will be a higher priority for consumers from 2017 onward.
There is a lack of penetration of security tools among users of new mobile platforms, and Gartner does not expect to see new demand for this type of capability to emerge before 2016.