Global information security spending ‘to reach $86.4 billion in 2017’

Global information security spending ‘is expected to reach $86.4 billion in 2017’ [Image: HYWARDS via iStock]

Worldwide spending on information security products and services will reach $86.4 billion (£67.4 billion ) in 2017, according to research firm Gartner.

This is an increase of seven per cent from 2016, with spending expected to grow to $93 billion (£72.5 billion) in 2018.

Gartner said that within the infrastructure protection segment, it has predicted fast growth in the security testing market, due to continued data breaches and growing demands for application security testing as part of DevOps. However, it said this would be from a small base.

The company has also forecast that spending on emerging application security testing tools, particularly interactive application security testing (IAST), will contribute to this segment’s growth up to 2021.

According to Gartner, security services will continue to be the fastest growing segment, particularly IT outsourcing, consulting and implementation services.

However, hardware support services are expected to see a slow down of growth, due to the adoption of virtual appliances, the public cloud and software as a service (SaaS), which reduces the need for attached hardware support overall.

Sid Deshpande, principal research analyst at Gartner, said: “Rising awareness among chief executives and boards of directors about the business impact of security incidents and an evolving regulatory landscape have led to continued spending on security products and services.”

However, he went on to explain that improving security is “not just about spending on new technologies”. Mr Deshpande pointed to the recent global security incidents, such as the WannaCry attack that affected the NHS, as proof that it’s vital to get the basics right.

He advised organisations to improve their security by addressing basic risk-related hygiene elements, including “threat-centric vulnerability management, centralised log management, internal network segmentation, backups and system hardening”.