A new report from Gartner claims that information security spending will increase about 7 percent this year, and climb to $93 billion in 2018. As impressive as that number sounds, it actually seems quite tame when you consider the pace and volume of cyber attacks companies face. I reached out to information security experts to get their opinion and feedback on the Gartner report.
If you’ve been online or turned on a TV in the past few months, you’ve probably noticed that there is a persistent and apparently endless stream of malware attacks and data breaches. It should come as absolutely no surprise then that spending on information security is increasing as well. Worldwide spending on information security products and services will reach $86.4 billion in 2017, an increase of 7 percent over 2016, with spending expected to grow to $93 billion in 2018, according to the latest forecast from Gartner, Inc., released this week.
The Gartner report suggests that security services will continue to be the fastest growing segment – especially IT outsourcing, consulting and implementation services. However, hardware support services will see growth slowing, due to the adoption of virtual appliances, public cloud and software as a service (SaaS) editions of security solutions, which reduces the need for attached hardware support overall.
“The biggest surprise to me in this report is actually how conservative the growth estimates in cybersecurity spend are,” proclaimed Ajay Arora, CEO of Vera. “If you look at the continuous and almost unstoppable acceleration in breaches, I think these estimates are vastly underestimated. If you take a look at the aggregate losses due to data breaches in the last five years and project those forward, the growth rate would be at least an order of magnitude above what the spend estimates are to stop these breaches. Companies aren’t going to solve these very serious issues by investing in a fly swatter when what’s required is a tank.”
Joseph Carson, Chief Security Scientist at Thycotic, agrees that Gartner’s estimate seems to lean toward the conservative side. “I believe that the actual number will be much higher given that many aggressive regulations will come into enforcement in 2018, including the EU General Data Protection Regulation (GDPR). This will force many companies to increase spending on information security and response to avoid becoming either victims or receiving massive financial fines for failure to protect and secure.”
Carson cited the exorbitant losses resulting from recent attacks like WannaCry and NotPetya in support of his argument. He noted that Maersk reported its loss from a June cyber attack in excess of $300 million (USD) and explained that most organizations would prefer to prevent these attacks from occurring in the first place rather than clean up the mess after the fact – resulting in huge financial losses.
Read the full story on Forbes: Gartner Predicts Information Security Spending To Reach $93 Billion In 2018.