Worldwide spending on information security products and services will reach US$81.6bn in 2016, an increase of 7.9% over 2015, says Gartner, Inc. in its latest forecast.
Consulting and IT outsourcing are currently the largest categories of spending on information security. Until the end of 2020, the highest growth is expected to come from security testing, IT outsourcing and data loss prevention (DLP).
Gartner says preventive security will continue to grow strongly as many security practitioners have a buying preference for preventive measures. However, security information and event management (SIEM) products and secure web gateways (SWGs) are evolving to support detection-and-response approaches. Gartner expects the SWG market to maintain its 5-10% growth through 2020 as organisations focus on detection and response.
“Organisations are increasingly focusing on detection and response because taking a preventive approach has not been successful in blocking malicious attacks,” said Elizabeth Kim, senior research analyst at Gartner. “We strongly advise businesses to balance their spending to include both.”
Security spending will become increasingly service-driven, Kim said. Organisations continue to face staffing and talent shortages, making it difficult to get the right expertise and tools for detecting threats and restoring their environment to a known good state. This is especially true when handling targeted advanced threats and insider threats. As a result, managed detection and response (MDR) has emerged to cater to the mid-market segment. Gartner foresees these services being an additional driver for security spending in both large and smaller organisations.
Spending in security markets such as consumer security software, secure e-mail gateways (SEGs) and endpoint protection platforms (EPPs) continues to show constrained growth due to commoditisation, says Gartner.
The forecast also expects the average selling price for firewalls to increase by at least 2 or 3% year-on-year until end-2018. The increase will be driven by higher demand for high-end equipment among cloud providers and other service providers, larger bandwidth needs, and an increasing number of devices.
Even as vendor competition puts pressure on pricing, Gartner says enterprises, service providers and web-scale organisations are moving towards deploying bigger and more expensive firewalls. Consequently, the deployment of large firewalls by cloud service providers will remain an important source of revenue growth for vendors.
Gartner also predicts that by 2018, 90% of organisations will implement at least one form of integrated DLP, up from 50% today. Organisations deploy DLP for regulatory compliance, intellectual property protection, and data visibility and monitoring. Existing products are augmented by newer products that include user entity and behaviour analytics, image analysis, machine learning and data-matching techniques.
The adoption of public cloud will have minimal impact on firewall spending, accounting for less than 10%, until the end of 2019, after which it will pick up. In a survey last year, Gartner found software-as-a-service (SaaS) was the first choice for only 16% of CIOs.
Transitions take time and vendors of cloud access security brokers (CASBs) will continue evolving to cover more than just SaaS: they will perform similar roles for infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS).
Firewall vendors will also have to deal with one of their main challenges for the next few years: decrypting Secure Sockets Layer (SSL) at scale.
Gartner says half of midsize and large organisations will add bigger, more advanced inspection-oriented features to their network firewalls by 2019. As bandwidth increases, enterprises will require larger-scale, higher-performing and more expensive firewalls. Organisations are also looking to firewalls to consolidate other features such as web filtering and intrusion prevention capabilities. Some are enhancing their firewalls with new content inspection features such as malware sandboxing.