Gartner: Threat awareness boosting information security sales

Security button

Worldwide spending on information security will reach $71.1bn in 2014, an increase of 7.9 percent over 2013, with the data loss prevention segment recording the fastest growth at 18.9 percent, according to the latest forecast from Gartner.

The analyst expects total information security spending will grow a further 8.2 percent in 2015, reaching $76.9 bn.

Gartner said the increasing adoption of mobile, cloud, social and information (which it describes as “the Nexus of Forces”) will drive use of new security technology and services through 2016.

“This Nexus of Forces is impacting security in terms of new vulnerabilities,” comments Gartner research director, Lawrence Pingree. “It is also creating new opportunities to improve effectiveness, particularly as a result of better understanding security threats by using contextual information and other security intelligence.”

Pingree says a big trend that emerged in 2013 was the democratisation of security threats, driven by the easy availability of malicious software (malware) and infrastructure (via the underground economy) that can be used to launch advanced targeted attacks

“This has led to increased awareness among organisations that would have traditionally treated security as an IT function and a cost centre,” says Pingree.

Managed security opportunity

Of interest to the IT security channel is that Gartner predicts that by 2018, more than half of organisations will use security services firms that specialise in data protection, security risk management and security infrastructure management to enhance their security postures.

Many organisations continue to lack the appropriate skills necessary to define, implement and operate appropriate levels of data protection and privacy-specific security controls, leading then to contract security consulting firms that specialise in data protection and security risk management to address regulatory compliance demands and enhance their security postures.

The report adds that a significant portion of organisations are shifting existing resources away from the operational aspects of security technologies, such as security device administration and monitoring, toward mitigation and incident response, giving rise to significant growth for managed security services.

Cloud security

Gartner also says that by 2015, roughly 10 percent of overall IT security enterprise product capabilities will be delivered in the cloud.

While cloud-based services’ competitive pricing puts pressure on the market, the cloud is also providing new growth opportunities, as some organisations switch from deploying on-premises products to cloud-based services or cloud-managed products. More than 30 percent of security controls deployed to the SMB segment will be cloud-based by 2015, says Gartner.

Also, by year-end 2015, about 30 percent of infrastructure protection products will be purchased as part of a suite offering.

The report claims that the presence of mature technologies, such as endpoint protection platform (EPP) and email security, will be contrasted by growth opportunities offered by segments such as security information and event management , data loss prevention (DLP) and emerging technologies within the “other security” segment.

Gartner predicts that security providers in the more mature segments will support sales through the addition of new security controls as part of broader suite offerings. This will be the case within the EPP segment, with the increasing availability of DLP, mobile device management, vulnerability assessment, hosted archiving and encryption for secure email gateway. This expansion of suite offerings to include new security controls is expected to help maintain momentum and slow down commoditisation of these mature markets.

Mobile security not yet on radar

Elsewhere, mobile security will be a higher priority for consumers from 2017 onward.

The report states there currently is a lack of penetration of security tools among users of new mobile platforms, and interestingly, Gartner doesn’t expect to see new demand for them to emerge before 2016. It says that most consumers don’t recognise that antivirus is important on mobile devices and therefore have not yet established a consistent practice of buying mobile device endpoint protection software.

However, as mobile devices gain in mass popularity and as security is likely to be a higher priority from 2017 onward, then new market opportunities are likely to emerge.


ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.

For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.