Gartner Security & Risk Management Summit 2018 explores changing threat landscape
Middle East and North Africa (MENA) spending on enterprise information security technology and services is on pace to reach US$1.9 billion in 2019, an increase of 9.8 percent over 2018, according to the latest forecast from Gartner, Inc.
“Security and risk leaders will see new spending in areas related to cloud security and data security, driven by regulations and an increased awareness among organizations as their needs evolve to address more complex threats,” said Sam Olyaei, principal research analyst at Gartner. “Those two segments are set to achieve the highest growth rates in 2019, at 108 and 18 percent respectively.”
The enterprise information security spending market is comprised of five enterprise security product segments that will bolster growth in 2019:
- Cloud security spending will total US$9 million — a 108 percent increase in 2019.
- Data security spending will total US$125 million — a 17.6 percent increase in 2019.
- Infrastructure protection will total US$225 million — a 10.5 percent increase in 2019.
- Integrated risk management will total US$33 million — a 9.2 percent increase in 2019.
- Security services will total US$798 million — a 9.9 percent increase in 2019.
Gartner analysts provided the latest outlook for the information security industry today at the 2018 Gartner Security and Risk Management Summit, which is taking place in Dubai through Tuesday.
These established security product segments benefit from strong growth rates due to net new adopters who are looking to rapidly increase their investments in security technology. Additionally, existing buyers of these technologies are looking to acquire more advanced capabilities in these areas, especially as organizations in the region race to catch up with government and national attitude toward digital transformation.
While the spending on cloud security products is set to increase 108 percent in 2019, the market remains much smaller than the other four segments, and this is primarily due to its relative immaturity. As large cloud service providers such as Amazon, Microsoft, and Alibaba establish data centers and service clients in the region, the market will continue to see double-digit growth in the future.
In the last few years, Gartner analysts witnessed organizations and governments in the MENA region adopting digital initiatives. “Digital business initiatives are changing how organizations identify, evaluate and confront risk,” said Mr. Olyaei. “Having an integrated view of risk management is also becoming more pervasive as organizations are increasingly participating in digital ecosystems, making them more vulnerable than ever before.”
“CIOs have had to evolve their traditional cybersecurity systems to address the new cybersecurity risks that digital business initiatives introduce,” added Mr Olyaei.
Cybersecurity represents one of the major risks affecting MENA businesses and individuals today. Most attacks can be grouped into five categories that commonly exploit weaknesses through mechanisms such as socially engineered malware, phishing attacks, unpatched /insecure software, social media attacks, and the regular advanced persistent threats.
Lack of Skills Raising Demand for Security Services
Organizations continue to feel the pressure to find the right people with the right skills to grow their security teams, particularly given the 24/7 nature of security operations functions. These ongoing skills shortages are driving demand for security services, particularly security outsourcing, managed security services and security consulting.
As the realities of digital sink in, the skills shortage may expose organizations to undue risk that increases the likelihood of a breach, causing ramifications for the organization in terms of data, monetary and brand reputation loss. Gartner estimates that 68 percent of digital organizations globally have a cybersecurity expert on staff, but remain incapable of managing digital risk.
“Security and risk management leaders should validate if their existing security programs can adequately address the emerging challenges resulting from participation in digital ecosystems, and build and develop new competencies and skills required to effectively support digital business initiatives,” said Olyaei.