Global spending on information security products and services will reach more than US$114 billion in 2018, an increase of 12.4 per cent from last year, according to the latest forecast from Gartner.
In 2019, the market is forecast to grow 8.7 per cent to $124 billion, reports the analyst firm.
The growth forecast for Australia and New Zealand is higher, at nearly 10 per cent.
In New Zealand, Gartner says security spending is expected to grow 9 per cent to reach NZ$550 million in 2018, and grow a further 9.9 per cent to NZ$604 million in 2019.
By far the smallest but fastest growing product category is cloud security, around $1 million this year, it states.
In Australia, Gartner says security spending is expected to grow 6 per cent to reach more than A$3.5 billion this year, and grow 9.8 per cent to almost $3.9 billion in 2019. Security services make up the bulk of spending, exceeding $2.15 billion in 2018.
"Security leaders are striving to help their organisations securely use technology platforms to become more competitive and drive growth for the business," says Siddharth Deshpande, research director at Gartner.
"Persistent skills shortages and regulatory changes like the EU’s Global Data Protection Regulation (GDPR) are driving continued growth in the security services market."
A 2017 Gartner survey revealed that the top three drivers for security spending are security risks; business needs; and industry changes.
Privacy concerns are also becoming a key factor. Gartner believes privacy concerns will drive at least 10 per cent of market demand for security services through 2019 and will impact a variety of segments, such as identity and access management(IAM), identity governance and administration (IGA) and data loss prevention (DLP).
Deshpande says highly publicised data breaches, like the recent attack on SingHealth that compromised the personal health records of 1.5 million patients in Singapore, reinforce the need to view sensitive data and IT systems as critical infrastructure.
"Security and risk management has to be a critical part of any digital business initiative," he says.
An increased focus on building detection and response capabilities, privacy regulations such as GDPR, and the need to address digital business risks are the main drivers for global security spending through 2019.
Gartner lists key trends affecting information security spending in 2018-2019, including:
At least 30 per cent of organisations will spend on GDPR-related consulting and implementation services through 2019.
Organisations are continuing their journey toward compliance with the GDPR that has been in effect since 25 May 2018. Implementing, assessing and auditing the business processes related to the GDPR are expected to be the core focus of security service spending for EU-based organisations, and for those whose customers and employees reside there.
Gartner says organisations will need to prepare for and augment their security stance to accommodate these new privacy protection regulatory mandates.
Risk management and privacy concerns within digital transformation initiatives will drive additional security service spending through 2020 for more than 40 per cent of organisations.
Consulting and implementation service providers have retooled their service offerings over the past several years to support customers on their digital transformation journey. Security is a key factor in the uptake of that transformation process for regulated data, critical operations and intellectual property protection spanning public cloud, SaaS and the use of Internet of Things (IoT) devices.
Services (subscription and managed) will represent at least 50 per cent of security software delivery by 2020.
Security as a service is on the way to surpassing on-premises deployments, and hybrid deployments are enticing buyers. A large portion of respondents to Gartner’s security buying behavior survey says they plan to deploy specific security technologies, such as security information and event management (SIEM), in a hybrid deployment model in the next two years. Managed services represented roughly 24 per cent of deployments, on average.
"On-premises deployments are still the most popular, but cloud-delivered security is becoming the preferred delivery model for a number of technologies," says Deshpande.
Gartner says a recent trend is the ability to provide security controls in the public cloud, closer to the workloads, from vendors such as ProtectWise, Alert Logic and McAfee. This market, it says, has the potential to reverse previous declines by the use of and introduction of new vendors and use cases.
Get the latest on digital transformation: Sign up for CIO newsletters for regular updates on CIO news, career tips, views and events.