Security remains a top-of-mind priority for companies in every vertical as they seek to protect themselves from cyber-attacks while meeting stringent new regulatory requirements. International Data Corporation (IDC) projects security will be a $133.7 billion market in 2022.
IDC is forecasting some impressive numbers for security spending in the next few years, with the United States standing out as largest geographic market for security solutions with total spending of $39.3 billion this year alone.
The latest IDC Spending Guide, which has a forecast period of 2017 – 2022, projects worldwide spending on security solutions (hardware, software and services) will reach $133.7 billion in 2022. Security spending in 2022 will be 45% greater than the $92.1 billion forecast for 2018.
The research addresses key questions like:
- What are the different elements of security spend?
- How will security spending adoption vary by region, country, and industry?
- How will the core security market and next-generation security grow over the forecast period?
- Which industries and geographies present the greatest growth opportunity for security spend?
Security services, endpoint security software, and integration
Security-related services will be the largest and the fastest-growing category of worldwide security spending ($40.2 billion in 2018, or 11.9% compound annual growth rate / CAGR), while managed security services will be the largest segment within the services category, responsible for half of the category total in at the end of the forecast period. Integration services and consulting services will make up the remainder.
The second-largest category with spending expected to total $34.4 billion in 2018 will be security software, of which endpoint security software will be the largest software segment throughout the forecast period. Next in line are identity and access management software and security and vulnerability management software. As far as hardware spending, businesses have put aside budgets for unified threat management, firewall and content management solutions.
The biggest spenders: banking, manufacturing and government
The vertical most keen to beef up on cyber-security will be the banking sector, growing from $10.5 billion in 2018 to $16.0 billion in 2022. More than half of the industry's spend throughout the forecast will be on services.
Discrete manufacturing and federal/central government are the second and third largest spenders with $8.9 billion and $7.8 billion in 2018, respectively. These industries are set to follow a similar pattern, with services representing around half of each industry's total spending.
Telecommunications, state/local government, and the resource industry (11.8% CAGR) will see the fastest growth in security spending, with an average 12% CAGR.
Geographically, the United States will be largest market for security solutions with total spending of $39.3 billion this year, followed by the United Kingdom with $6.1 billion, and China ($5.6 billion), Japan ($5.1 billion), and Germany ($4.6 billion). China in particular is on track to achieve the strongest spending growth with a five-year CAGR of 26.6%, trailed by Malaysia and Singapore as the second and third fastest growing regions with CAGRs of 21.1% and 18.2%, respectively.
Budgets accurately reflected by business size
IDC analysts looked not only at geographies and industries, but also specific buyers, such as the type of companies that are pouring vast amounts of cash and resources to achieve strong cyber-resilience. They found that businesses with more than 500 employees will be responsible for nearly two thirds of all security-related spending in 2018, while large and medium (100-499 employees) businesses will see the strongest spending growth over the forecast. Very large businesses (more than 1,000 employees) will grow equally fast. Small businesses (10-99 employees) will also experience similar growth, albeit a tad slower spending-wise ($ billion or 8.9% CAGR) in 2018.
"Security remains an investment priority in every industry as companies seek to protect themselves from large scale cyber attacks and to meet expanding regulatory requirements," said Eileen Smith, program director, Customer Insights and Analysis, IDC. "While security services are an important part of this investment strategy, companies are also investing in the infrastructure and applications needed to meet the challenges of a steadily evolving threat environment."
"Privacy has grabbed the attention of Boards of Directors as regions look to implement privacy regulation and compliance standards similar to GDPR. Frankly, privacy is the new buzz word and the potential impact is very real. The result is that demand to comply with such standards will continue to buoy security spending for the foreseeable future," said Frank Dickson, research vice president, Security Products, IDC.