Worldwide spending on information security is expected to reach $90 billion in 2017, an increase of 7.6 percent over 2016, and to top $113 billion by 2020, according to advisory firm Gartner. Spending on enhancing detection and response capabilities will likely be a key priority for security buyers through 2020.
"The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years," said Sid Deshpande, principal research analyst at Gartner. "While this does not mean that prevention is unimportant or that chief information security officers (CISOs) are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability."
Gartner notes that, as enterprises shift toward balancing prevention with newer detection and response approaches, CISOs are changing how they measure the success of their security strategy. All security investments are measured on how they contribute to the shift in mindset. Even preventive security controls, such as EPP, firewalls, application security and intrusion prevention systems (IPSs), are being tweaked to provide more intelligence into security operations, analytics and reporting platforms.
"CISOs are keen to communicate the return on investment of their security strategy in terms of the business value associated with quick damage limitation, in addition to threat prevention and blocking," said Lawrence Pingree, research director at Gartner. "The key enabler for CISOs in this endeavor is to get visibility across their security infrastructure to make better decisions during security incidents. This visibility will enable them to have a more strategic and risk-based conversation with their board of directors, CFO and CEO about the direction of their security program."
Research firm IDC found that global cloud Infrastructure sales grew 14.5 percent to $7.7 billion in the first half of 2016. Private cloud revenue grew to $3.1 billion, compared with $4.6 billion for public cloud. Legacy IT sales dropped 6.1 percent. IDC also forecast that global security spending will reach nearly $102 billion by 2020, from roughly $74 billion this year, as Business Insights previously noted. Within the enterprise, not only IT is turning to cloud; business units including finance, marketing and sales, customer service, and operations have all reported in the GISS survey that they have moved some of their business functions to cloud.
Cloud security spending increased for 48 percent of the companies in the past year, while the IT security budget for other security activities remained the same, according to a recent Bitdefender report. Read the full white paper here.