Cyber investment set for $215 billion mark by 2024, predicts Gartner
Cybersecurity Spending Set to Soar in 2024 and Beyond
The global spending on security and risk management is projected to reach an impressive $215 billion next year, marking a 14% year-over-year increase from 2023 [1][2][3][5]. This growth is driven by escalating cyber threats, widespread AI adoption, cloud migration, and increasing regulatory pressures.
Shailendra Upadhyay, senior research principal at Gartner, emphasised the importance of building and optimising a cybersecurity program for organisations. He stated that it is more critical than ever in the current digital landscape [1].
Security services, the industry's largest segment, will account for 42% of all spending. The segment is expected to rise 11% to $90 billion next year [1][2].
Infrastructure protection is expected to capture $33.3 billion next year, while network security endpoint is set to capture $24.3 billion [1].
The shift from on-premises infrastructure to cloud-native and multi-cloud environments significantly raises demand for cloud security tools. Cloud Access Security Brokers (CASB) and Cloud Workload Protection Platforms (CWPP) markets are forecast to grow from $6.7 billion in 2024 to $8.7 billion in 2025 [2][3][4].
AI and generative AI (GenAI) are major growth drivers in the cybersecurity industry. Both the use of AI internally and by cyber attackers increase complexity and risk, prompting higher investments in AI-aware data protection, behavioural analytics for insider threats, and secure AI lifecycle management [1][4].
The advent of generative AI will introduce new risks, according to Leroy Terrelonge, VP analyst of cyber credit risk at Moody's. He also raised questions about the effectiveness of some cyber initiatives, highlighting that advanced cyber practices remain out of reach for many issuers [3].
Organisations devoted 8% of their technology budgets to cybersecurity in 2023, up from 5% in 2019, according to Moody's 2023 cyber survey. These investments are in response to regulatory requirements and increased cyber risk [3].
However, challenges remain. Economic and geopolitical uncertainties are leading some organisations to adopt a cautious approach to new cybersecurity spending despite rising threats [1][3]. Cybersecurity talent shortages are pushing companies to rely more on third-party and managed services, which can have cost and control implications [2][4]. Rapidly evolving attack landscapes with AI-enhanced threats are creating pressure to adopt advanced security technologies and practices quickly while managing budget constraints and compliance [1][4].
In summary, Gartner and other sources predict cybersecurity spending will continue strong double-digit growth through 2026, largely fueled by AI risks, cloud adoption, and regulatory demands, but with challenges from economic caution, talent gaps, and complex emerging threats shaping spending priorities [1][2][3][4][5]. A Moody's survey of more than 1,700 rated debt issuers indicates increased investments organisations are making in cybersecurity [3].
[1] Gartner (2023). Forecast: Worldwide Security and Risk Management Spending, 2021-2026 (ID G00705582). [2] Gartner (2023). Market Guide for Cloud Access Security Brokers (CASBs) [Gartner subscription required]. [3] Moody's (2023). 2023 Cybersecurity Survey: A Look at Cybersecurity Investments and Priorities. [4] Gartner (2023). Market Guide for Cloud Workload Protection Platforms (CWPPs) [Gartner subscription required]. [5] Gartner (2023). Market Guide for Managed Security Services, Worldwide [Gartner subscription required].
- Amid the surge in cyber threats and regulatory pressures, it's essential for organizations to optimize their network security and risk management strategies to keep up with the growing cyber risk.
- As cybersecurity spending continues to increase, spending on AI-aware data protection, behavioral analytics for insider threats, and secure AI lifecycle management will significantly rise due to the complexity and risk posed by the growing use of AI in the cybersecurity industry.
- With the shift to cloud-native and multi-cloud environments and the advent of generative AI, organizations are dedicating a larger portion of their technology budgets to cybersecurity, responding to regulatory requirements and managing cyber risk while facing challenges like talent shortages and rapidly evolving threats.
