Enterprise will spend $82bn on fending off hackers in 2016

Next-gen firewall companies like FireEye may be feeling the pinch from fewer state-backed Chinese hacker attacks, but worldwide spending on security is still growing, according to analyst firm Gartner.

The analyst firm has forecasted year on year growth of 7.9 percent in 2016, with spending set to reach $81.6 billion this year, dominated by security consulting services and IT outsourcing.

Gartner says that shortages of cyber security talent will ensure that spending on security remains focussed on services such as managed detection and managed response services. Organisations that are more prone to nation-backed hackers and insider threats are finding it difficult to manage the right mix of people and technology to detect and remediate attacks, so they’re seek outside help, according to Gartner.

There’s little good news for the consumer antivirus market though, with the analyst firm expecting “constrained growth” in commoditised security technologies, such as consumer security software, secure email gateways and antivirus for PCs and mobile devices.

Gartner made a few assumptions to come up with its spending forecast, including that the average selling price for firewalls will continue to grow by two to three percent until the end of 2018.

This is in part due to a thirst among “web-scale organisations”, as well as enterprise and service providers, for expensive, high capacity firewall equipment. After the end of 2018 though, all bets are off for firewall revenues.

As businesses move more computing infrastructure to the cloud, the likes of Amazon Web Services, Microsoft Azure and Google’s Cloud Platform are offering firewall features as part of the service, such as AWS’s Web Application Firewall.

Gartner however doesn’t expect public cloud adoption to meaningfully impact firewall spending until 2019 by which time it expects so-called “cloud access security brokers” or CASBs to be playing a bigger role in security.

Microsoft last year acquired one of a handful of CASBs, called Adallom, which it’s now offering as Microsoft Cloud App Security. CASB broadly offers a means of controlling ‘shadow IT’ in the enterprise or the phenomenon of employees bringing their own cloud apps to work. The technology offers enterprise a way of managing these apps via policy settings.

Gartner expects that the CASB approach to cloud apps will be expanded to include infrastructure and platform services delivered via the cloud.

This will impact spending on firewall products, however Gartner reckons it will be several years before this takes effect.

The firm notes: “While software as a service (SaaS) adoption is growing, the effect on firewall spending will be limited for the next three years. SaaS is the first choice for only 16 percent of CIOs surveyed by Gartner in 2015. Transitions also take time, during which vendors of cloud access security brokers (CASBs) will not only continue to evolve to cover more than just SaaS, but also perform similar roles for infrastructure as a service (IaaS) and platform as a service (PaaS). In addition, firewall vendors will also have to deal with one of their main challenges for the next few years: decrypting Secure Sockets Layer (SSL) at scale.”

Gartner also sees significant growth in spending on technologies to prevent data leakage (DLP). Today around half of all businesses have DLP platform installed, but expects that to rise to 90 percent by 2018.

Join the CSO newsletter!

Error: Please check your email address.

Tags firewallshackersAmazon Web ServicesSaaSIT security spendpublic cloud adoptionSSLIT outsourcingGartnermicrosoft azureGoggleinsider threatssecurity consulting servicesmanaged detection

More about Amazon Web ServicesAWSDLPFireEyeGartnerGoogleMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place