If there’s anything a business is concerned with when a new year is about to commence is spending. A budget and what costs to expect are best planned for in advance; and in this spending decision-making process, cybersecurity can’t be ignored. The recent forecast by Gartner can help businesses to have additional knowledge on cybersecurity spending that will come in handy as the new year approaches.
According to Gartner, worldwide enterprise security spending in 2018 will be a total of $96.3 billion. This is an increase of 8% from 2017 and the spending that businesses are incurring is a result of regulations, a shifting buyer mindset, as well as the gained awareness of new cyber threats and their evolution when it comes to the digital component of a business strategy.
What is driving this increase in spending has resulted from this year’s breaches and cyberattacks, such as the WannCry and NotPetya attacks and the Equifax breach. These types of attacks drive spending because the consequences they bring requires time for businesses to get back on track, to recover from the attack and remedy damage, but also put into effect new and better security measures for the enterprise.
Gartner’s 2016 security buyer behavior is what validates the knowledge of spending following such attacks. The survey found that of the 53% of organizations that cited security risks as the number one driver for overall security spending, the highest percentage of respondents said that a security breach is the main security risk influencing their security spending. This means you can expect businesses to increase spending in security testing, IT outsourcing and security information and event management (SIEM) to ensure they are better prepared to defend from attacks (moving forward).
Next on the list of reasons for increased spending in cybersecurity is compliance. Regulatory compliance and data privacy has affected the spending of businesses in the US for more than three years now when we look at HIPPA (the Health Insurance Portability and Accountability Act) and NIST (National Institute of Standards and Technology), to name a few. Europe is following suit with GDPR (General Data Protection Regulation) coming into force on May 28, 2018. These regulations force businesses to spend in areas such as data security tools and manage privileged access, as well as security information and event management.
Gartner predicts that by 2020, more than 60% of organizations will invest in multiple data security tools such as data loss prevention, encryption and data-centric audit and protection tools. This percentage is up from approximately 35%. Also, to keep in mind is that tools are not a complete cybersecurity solution, therefore businesses will have to invest in more than just tools, like hiring expert cybersecurity personnel and/or outsourcing in addition to also implementing automation where possible.
Due to a cybersecurity skills shortage that isn’t going away any time soon, businesses will have to look elsewhere to find the needed level of expertise to protect their business from security risks. Gartner foresees that in 2018, spending on security outsourcing services will total $18.5 billion. This is an 11% increase from 2017. Also, if you weren’t aware, the IT outsourcing segment is the second-largest security spending segment after consulting. Additionally, it’s worth noting that Gartner predicts that by 2019, total enterprise spending on security outsourcing services will be 75% of the spending on security software and hardware products, up from 63% in 2016.
Lastly, on spending is the shift towards budgets for detection and response, another essential component to an effective cybersecurity posture. According to Gartner, businesses can expect to see a growth in this area in the next five years.
If you need assistance in your planning and executing of cybersecurity measures in the new year, please feel free to reach out and schedule a call.
Planning on how to best allocate your cybersecurity budget and dollars is the best thing you can do to stay on track with your security and ahead of your business risks.
Photo courtesy of Nata-Lia