Global end-user spending on security and risk management is projected to total $215 billion in 2024, an increase of 14.3% from 2023 when spending will reach $188.1 billion – with application security, data security and identity access management among the key drivers.
That’s according to Gartner, which says the continuous adoption of cloud, continuous hybrid workforce, rapid emergence and use of generative AI (GenAI), and the evolving regulatory environment are forcing security and risk management (SRM) leaders to enhance their security and risk management spending.
Shailendra Upadhyay, Senior Research Principal at Gartner, said: “At the same time, they are focusing their efforts by adopting technical security capabilities that provide far greater visibility and responsiveness across the organisation’s entire digital ecosystem and restructuring the way the security function operates to enable agility without compromising security.”
Spending on data privacy and cloud security are projected to record the highest growth rates in 2024, with each segment increasing more than 24% year-over-year (see Table 1). Privacy remains a top organizational priority as regulations that impact the processing of personal data continue to emerge, including those related to the use of AI. Gartner predicts that by 2025, 75% of the world’s population will have its personal data covered by modern privacy regulations.
Table 1. Security and Risk Management End-User Spending for All Segments, Worldwide, 2022-2024 (Millions of U.S. Dollars)
| Segment | 2022 Spending | 2022Growth (%) | 2023 Spending | 2023Growth (%) | 2024 Spending | 2024 Growth (%) |
| Application Security | 5,047.6 | 10.9 | 5,765.2 | 14.2 | 6,670.3 | 15.7 |
| Cloud Security | 4,487.4 | 24.0 | 5,616.7 | 25.2 | 7,002.6 | 24.7 |
| Data Privacy | 1,129.2 | 9.9 | 1,338.7 | 18.5 | 1,667.3 | 24.6 |
| Data Security | 3,072.9 | 21.4 | 3,692.1 | 20.1 | 4,333.3 | 17.4 |
| Identity Access Management | 13,944.1 | 13.6 | 16,169.1 | 16.0 | 18,556.5 | 14.8 |
| Infrastructure Protection | 24,089.0 | 19.9 | 28,359.6 | 17.7 | 33,319.6 | 17.5 |
| Integrated Risk Management | 5,157.3 | 9.6 | 5,687.1 | 10.3 | 6,277.7 | 10.4 |
| Network Security Equipment | 18,932.5 | 11.9 | 21,383.6 | 12.9 | 24,360.1 | 13.9 |
| Security Services | 73,394.7 | 3.9 | 80,835.7 | 10.1 | 89,996.7 | 11.3 |
| Consumer Security Software | 7,443.4 | 2.9 | 7,901.7 | 6.2 | 8,406.7 | 6.4 |
| Others | 8,029.8 | 50.1 | 11,365.4 | 41.5 | 14,362.8 | 26.4 |
| Total | 164,728.0 | 10.6 | 188,114.8 | 14.2 | 214,953.7 | 14.3 |
Source: Gartner (September 2023)
The continued growth in public cloud services will bolster spending on cloud security tools. In the cloud security segment, the combined spending on cloud access security brokers software (CASB) and cloud workload protection platforms (CWPP) is projected to total $7 billion in 2024, up 24.7% from 2023. Demand for cloud-based detection and response solutions — such as endpoint detection and response (EDR) and managed detection and response (MDR) — is also expected to increase in 2024.
Spending on security services – consulting, IT outsourcing, implementation and hardware support –is forecast to total $90 billion in 2024, an increase of 11% from 2023. Security services is expected to represent 42% of total security and risk management end-user spending in 2024, and to remain the largest area of security and risk management spending in 2024.
“In light of cyber risks increasing, cyberthreats proliferating and a changing operating environment, it is more critical than ever for organizations to build and optimize a cybersecurity program,” said Upadhyay. “It is the cornerstone of cybersecurity initiatives which help SRM leaders secure new environments, protect against the expanded attack surface, consume security capabilities in new ways and create better efficiencies through automation.”
Image by Emilian Robert Vicol from Pixabay
