Growing even faster in emerging APAC countries at 9.8%
Driven by increasing adoption of mobile, cloud and social
WORLDWIDE spending on information security will reach US$71.1 billion in 2014, an increase of 7.9% over 2013, with the data loss prevention segment recording the fastest growth at 18.9%, according to the latest forecast from Gartner Inc.
Total information security spending will grow a further 8.2% in 2015 to reach US$76.9 billion, the research and analyst firm said in a statement.
In emerging Asia Pacific countries, spending on information security will reach US$1.8 million in 2014, with an estimated growth of 9.8%.
According to Gartner, the increasing adoption of mobile, cloud, social and information – often interacting together – will drive use of new security technology and services through 2016.
“This Nexus of Forces is impacting security in terms of new vulnerabilities,” said Gartner research director Lawrence Pingree (pic).
“It is also creating new opportunities to improve effectiveness, particularly as a result of better understanding security threats by using contextual information and other security intelligence,” he added.
Pingree said that the bigger trend that emerged in 2013 was the ‘democratisation’ of security threats, driven by the easy availability of malicious software (malware) and infrastructure (via the underground economy) that can be used to launch advanced targeted attacks.
“This has led to increased awareness among organisations that would have traditionally treated security as an IT function and a cost centre,” he added.
Other trends in the information security market that form assumptions behind Gartner’s latest forecast include:
1) By 2015, roughly 10% of overall IT security enterprise product capabilities will be delivered in the cloud.
A significant number of security markets are being impacted by newly emerged delivery models, Gartner said.
This is resulting in the growth of cloud-based security services, which are transforming, to different degrees, the way security is supplied and consumed by customers.
While cloud-based services' competitive pricing puts pressure on the market, the cloud is also providing new growth opportunities, as some organisations switch from deploying on-premise products to cloud-based services or cloud-managed products.
More than 30% of security controls deployed to the small or medium business (SMB) segment will be cloud-based by 2015.
2) Regulatory pressure will increase in Western Europe and Asia Pacific from 2014.
Regulatory compliance has been a major factor driving spending on security in the last three years, particularly in the United States.
Gartner said it expects this influence to accelerate from 2014. Broader data privacy legislation such as the Australian Privacy Act is expected to sustain spending on security this year.
Other examples of intensifying regulatory pressure driving spending on compliance include the issue of guidelines regarding personal information protection in China in February 2013 (although they are not legally binding) and planned implementation of an addition to the EU Data Protection Directive.
Other examples include personal data protection laws (introduced in 2013) in Singapore and Malaysia.
3) By year-end 2015, about 30% of infrastructure protection products will be purchased as part of a suite offering.
The presence of highly mature and commoditising technologies, such as EPP (Extensible Provisioning Protocol) and email security, will be contrasted by growth opportunities offered by segments such as SIEM (Security information and Event Management), DLP (Data Loss Prevention) and emerging technologies within the ‘other security’ segment.
Security providers in the more mature and consolidated segments are predicted to support sales through the addition of new security controls as part of broader suite offerings.
This will be the case within the EPP segment, with the increasing availability of DLP, mobile device management, vulnerability assessment, hosted archiving and encryption for secure email gateways.
This expansion of suite offerings to include new security controls is expected to help maintain momentum and slow down the commoditisation of these mature markets.
4) By 2018, more than half of organisations will use security services firms that specialise in data protection, security risk management and security infrastructure management to enhance their security postures.
Many organisations continue to lack the appropriate skills necessary to define, implement and operate appropriate levels of data protection and privacy-specific security controls.
This lack of skills is leading organisations to contract security consulting firms that specialise in data protection and security risk management to address regulatory compliance demands and enhance their security postures.
A significant portion of organisations are shifting existing resources away from the operational aspects of security technologies, such as security device administration and monitoring, toward mitigation and incident response.
This new dynamic has given rise to significant growth throughout the globe for managed security services, Gartner said.
5) Mobile security will be a higher priority for consumers from 2017 onward.
There is a lack of penetration of security tools among users of new mobile platforms, and Gartner does not expect to see new demand for this type of capability to emerge before 2016.
Most consumers do not recognise that antivirus is important on mobile devices and therefore have not yet established a consistent practice of buying mobile device endpoint protection software.
This purchasing trend and market shift away from PCs will have significant repercussions on the consumer security market. However, as mobile devices gain in mass popularity and as security is likely to be a higher priority from 2017 onward, then new market opportunities are likely to emerge.
Malaysia among top 10 Asian countries exposed to APTs
Preventing data loss, and the health of your business
HP gets serious about security, controversial Autonomy deal bearing fruit
Govt malware, insider threats to dominate security landscape: CyberArk
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.