Enterprise security is becoming more expensive — and complex — according to Gartner.
The analyst firm forecasts worldwide enterprise security spending to total $96.3 billion in 2018 up 8 percent from 2017.
Companies also are using a growing number of security products for protection. By 2020, more than 60 percent of organizations will invest in multiple tools such as data loss prevention, encryption, and data-centric audit and protections tools. This is up from about 35 percent today, according to Gartner.
And this is contributing to vendor fatigue and increasingly complex environments as enterprises — already under stress from a shortage of security professionals — struggle to integrate vendors and products across the network.
“While the problem has been getting worse, there has always been an issue between the need of specialized security controls and the challenges of dealing with a complex security portfolio,” said Ruggero Contu, research director at Gartner and lead author of the report. But there is no easy solution to this problem, he said in an email to SDxCentral.
“While there is the opportunity to leverage product platforms delivering well-integrated sets of security features, there will remain the need to invest in stand-alone security controls,” he wrote. “This will continue to drive M&A activity in security along with the expected, continuous influx of innovation coming from startups.”
Security Spending Drivers
The drivers behind organizations spending more on security include regulations, shifting buyer mindset, awareness of emerging threats, and the evolution to a digital business strategy, according to Gartner. Of the 53 percent of organizations that cited security risks as the top driver for overall security spending, the highest percentage of respondents said that a security breach is the main security risk influencing their security spending.
Even if they haven’t suffered a breach, high-profile cyberattacks like WannaCry, NotPetya, and the Equifax breach have a direct effect on companies’ security spending, Contu said. “Many organizations start prioritizing security after they fall victim to an attack, but many fear the potential impact to business. The threat of a security breach is a key driver.”
This represents a major change in the way companies approach cybersecurity, Contu added. “There is definitely a shift in attitudes and higher management, members of the board, and sometimes the CEO are behind security initiatives.”
Security testing, IT outsourcing, and security information and event management will be among the fastest-growing security subsegments driving growth in the infrastructure protection and security services segments, according to the forecast.
Additionally, enterprise security budgets are shifting toward detection and response, and using technologies such as endpoint detection and response, and user entity and behavior analytics. Gartner says this trend will also drive security market growth during the next five years.