Worldwide Spending on Security & Risk Management Forecast to Grow 11.3% in 2023.
Three factors influencing growth in security spending are the increase in remote and hybrid work, the transition from virtual private networks (VPNs) to zero trust network access (ZTNA) and the shift to cloud-based delivery models, according to Gartner, Inc.
“The pandemic accelerated hybrid work and the shift to the cloud, challenging the CISO to secure an increasingly distributed enterprise,” said Ruggero Contu, senior director analyst at Gartner.
“The modern CISO needs to focus on an expanding attack surface created by digital transformation initiatives such as cloud adoption, IT/OT-IoT convergence, remote working and third-party infrastructure integration. Demand for technologies and services such as cloud security, application security, ZTNA, and threat intelligence has been rising to tackle new vulnerabilities and risks arising from this exposure,” he said.
Spending on information security and risk management products and services is forecast to grow 11.3% to reach more than $188.3 billion in 2023. Cloud security is the category forecast to have the strongest growth over the next two years. As organizations increase focus on ESG, third-party risk, cybersecurity risk and privacy risk, Gartner forecasts that the integrated risk management (IRM) market will show double-digit growth through 2024, until greater competition results in cheaper solutions.
Security services including consulting, hardware support, implementation and outsourced services is the largest category of spending, at almost $72 billion in 2022, and expected to reach 76.5 billion in 2023 (see Table 1).
Table 1
Worldwide Information Security & Risk Management End User Spending by Segment, 2021-2023 (Millions of U.S. Dollars)
Market Segment | 2021 Spending | 2021 Growth (%) | 2022 Spending | 2022 Growth (%) | 2023 Spending | 2023 Growth (%) |
Application Security | 4,963 | 20.8 | 6,018 | 21.3 | 7,503 | 24.7 |
Cloud Security | 4,323 | 36.3 | 5,276 | 22.0 | 6,688 | 26.8 |
Data Privacy | 1,140 | 14.2 | 1,264 | 10.8 | 1,477 | 16.9 |
Data Security | 3,193 | 6.0 | 3,500 | 9.6 | 3,997 | 14.2 |
Identity Access Management | 15,865 | 22.3 | 18,019 | 13.6 | 20,746 | 15.1 |
Infrastructure Protection | 24,109 | 22.5 | 27,408 | 13.7 | 31,810 | 16.1 |
Integrated Risk Management | 5,647 | 15.4 | 6,221 | 10.1 | 7,034 | 13.1 |
Network Security Equipment | 17,558 | 12.3 | 19,076 | 8.6 | 20,936 | 9.7 |
Other Information Security Software | 1,767 | 26.2 | 2,032 | 15.0 | 2,305 | 13.4 |
Security Services | 71,081 | 9.2 | 71,684 | 0.8 | 76,468 | 6.7 |
Consumer Security Software | 8,103 | 13.7 | 8,659 | 6.9 | 9,374 | 8.3 |
TOTAL | 157,749.7 | 14.3 | 169,156.2 | 7.2 | 188,336.2 | 11.3 |
Source: Gartner (October 2022)
Spending on information security and risk management products and services in Thailand is forecast to grow 11.8% to reach THB 16.7 billion in 2023. While security services is the largest category of security spending by organizations in Thailand, cloud security and integrated risk management will be the fastest growing market segments this year and in 2023. (see Table 2).
Table 2
Thailand Information Security & Risk Management End-User Spending by Segment, 2021-2023 (Millions of Thai Baht)
Market Segment | 2021 Spending | 2021 Growth (%) | 2022 Spending | 2022 Growth (%) | 2023 Spending | 2023 Growth (%) |
Application Security | 304.4 | 20.4% | 360.6 | 18.5% | 429.2 | 19.0% |
Cloud Security | 379.4 | 16.4% | 518.5 | 36.7% | 693.4 | 33.8% |
Data Privacy | 99.2 | 10.1% | 114.2 | 15.1% | 131.8 | 15.3% |
Data Security | 229.2 | 8.2% | 257.1 | 12.2% | 283.4 | 10.3% |
Identity Access Management | 1,460.6 | 15.4% | 1,666.1 | 14.1% | 1,873.1 | 12.4% |
Infrastructure Protection | 2,174.8 | 35.9% | 2,597.0 | 19.4% | 3,084.5 | 18.8% |
Integrated Risk Management | 474.3 | 29.8% | 623.2 | 31.4% | 808.1 | 29.7% |
Network Security Equipment | 2,240.4 | 9.6% | 2,561.1 | 14.3% | 2,892.9 | 13.0% |
Other Information Security Software | 119.8 | 25.1% | 141.4 | 18.0% | 160.2 | 13.3% |
Security Services | 5,506.5 | 2.7% | 5,656.5 | 2.7% | 5,891.5 | 4.2% |
Consumer Security Software | 446.9 | 2.8% | 473.2 | 5.9% | 485.5 | 2.6% |
TOTAL | 13,435.5 | 11.5% | 14,968.8 | 11.4% | 16,733.7 | 11.8% |
Source: Gartner (October 2022)
Remote Work Continues to Drive Investment
Demand for technologies that enable a secure remote and hybrid work environment will increase beyond 2022. As organizations look to create secure work-from-home environments, they are exploring solutions that offer quick return on investment. As a result, technologies such as web application firewalls (WAF), access management (AM), endpoint protection platform (EPP) and secure web gateway (SWG) will witness short-term demand at least until 2022.
The Rise of Zero Trust Network Access
ZTNA is the fastest-growing segment in network security, forecast to grow 36% in 2022 and 31% in 2023, driven by the increased demand for zero trust protection for remote workers and organizations’ reducing dependence on VPNs for secure access. As organizations become familiar with ZTNA, there is a growing trend to use it not only for remote working use cases but also for workers in the office.
Gartner predicts that by 2025, at least 70% of new remote access deployments will be served predominantly by ZTNA as opposed to VPN services, up from less than 10% at the end of 2021.
Shift to Cloud-Based Delivery Models
Due to multicloud environments, organizations face increased security risks as well as the complexity of operating and managing multiple technologies. This will lead to a push toward cloud security and the market share of cloud-native solutions will grow, according to Gartner.
The combined market for cloud access security brokers (CASB) and cloud workload protection platform (CWPP) will grow 26.8% to reach $6.7 billion in 2023. Demand for cloud-based detection and response solutions — such as endpoint detection and response (EDR) and managed detection and response (MDR) — will also increase in the coming years.
Gartner clients can learn more in “Forecast Analysis: Information Security and Risk Management, Worldwide” and “Forecast: Information Security and Risk Management, Worldwide, 2020-2026, 3Q22 Update.”
Learn about the top priorities for security leaders in 2022 in the complimentary Gartner ebook 2022 Leadership Vision for Security & Risk Management Leaders.
About Gartner for Information Technology Executives
Gartner for Information Technology Executives provides actionable, objective insight to CIOs and IT leaders to help them drive their organizations through digital transformation and lead business growth. Additional information is available at www.gartner.com/en/information-technology.
Follow news and updates from Gartner for IT Executives on Twitter and LinkedIn. Visit the IT Newsroom for more information and insights.
About Gartner
Gartner, Inc. (NYSE: IT) delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s mission critical priorities. To learn more, visit gartner.com.
Source: PC & Associates Consulting