Global cybersecurity spending is expected to surge this year, fueled by escalating state-sponsored threats and the rise of generative AI, according to new analysis from IDC.
Statistics from the consultancy’s Worldwide Security Spending Guide show spending is expected to grow by 12.2% across the year and to hit $377 billion by 2028.
The bulk of this spending - 70% - will be in the US and Europe, the study found. But there's set to be an increase in every geographical region, in particular Latin America, Central and Eastern Europe, and the Middle East and Africa.
Eman Elshewy, senior research manager with IDC Data and Analytics, said rapid digital transformation efforts and enthusiasm for emerging technology adoption have significantly pushed demand for security solutions - and this is expected to accelerate further.
"MEA is witnessing substantial investments from both government and enterprises to fight rising cyber threats, with strong awareness for the importance of cybersecurity education and training programs to fortify organizations against possible attacks."
The industries spending big on cybersecurity
Banking, federal and central government, telecommunications, capital markets, and healthcare providers will be the biggest spenders this year.
Meanwhile, the fastest-growing sectors will be capital markets, media and entertainment and life sciences with an expected year-on-year growth rate of 19.4%, 17.1% and 16.9% respectively.
"The protection from cyber threats — now enhanced by AI and GenAI — is becoming an increasingly strategic issue for organizations in all industries," said Stefano.
He cited in particular organizations managing critical infrastructure - for example, oil and gas or telecommunications - along with those developing critical assets such as aerospace, defense and life sciences, or those providing key services to clients and citizens such as banking or government.
“Although national and international regulations still play an important role in guiding organizations' security strategies — especially in regulated industries — more of them are realizing that having a proactive approach to security is crucial, not only as a short-term operational protection measure but also as a competitive advantage in the long term," he said.
While large and very large businesses account for most security spending across all regions, IDC small and medium-sized businesses will also continue to increase their investments in security throughout the forecast period.
More than half the cash will go on security software, with a 14.4% year-on-year growth rate. There's particular growth for cloud native application protection platform (CNAPP) solutions, for example.
Similarly, smaller enterprises are ramping up investment in identity and access management (IAM) software and security analytics software.
Security services will be the second fastest growing technology group in 2025, driven by the continuing expansion of managed security services, followed by security hardware, which IDC said will achieve single-digit but steady growth in 2025.
MORE FROM ITPRO
- Cyber attacks against UK firms dropped by 10% last year, but experts say don't get complacent
- How to reduce cybersecurity costs for your business
- IT services spending set to surge in 2025 as CIOs shift to AI partner solutions
-
AI layoffs could spark a new wave of offshoringNews Analysts expect a wave of rehiring next year in the wake of AI layoffs. That may sound like good news for workers, but it'll probably involve offshoring or outsourcing.
-
Hackers are using these malicious npm packages to target developers Windows, macOS, and Linux systemsNews Security experts have issued a warning to developers after ten malicious npm packages were found to deliver infostealer malware across Windows, Linux, and macOS systems.
-
Cybersecurity leaders must stop seeing resilience as a "tick box exercise" to achieve meaningful protection, says Gartner expertNews Collaboration between departments and a better understanding of organizational metrics are key to addressing security blindspots
-
Security experts call for better 'offboarding' practices amid spate of insider attacks by outgoing staffNews Enterprises should act swiftly to revoke rights and access, regardless of the manner of an employee’s departure.
-
Cyber teams are struggling to keep up with a torrent of security alertsNews Fragmented identity security processes are creating blind spots, and the proliferation of tools doesn't help
-
Identity security is more important than ever – here’s whyNews 78% of enterprises told Okta that controlling access and permissions for non-human identities is now their main identity security concern.
-
Okta and Palo Alto Networks are teaming up to ‘fight AI with AI’News The expanded partnership aims to help shore up identity security as attackers increasingly target user credentials
-
Developer security best practices in a fast growing tech companyWhitepaper A buyer's guide for meeting the unprecedented speed and complexity of today's development practices
-
Zero to hero: A blueprint for establishing a security champions programWhitepaper A buyer's guide for meeting the unprecedented speed and complexity of today's development practices
-
DevSecOps is dead...or is it?:Whitepaper A buyer's guide for meeting the unprecedented speed and complexity of today's development practices
