Eisenhans - Fotolia

Gartner: Remote work, zero trust, cloud still driving cyber spend

Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud

Growth in end-user cyber spending is being driven by the increase in remote and hybrid working models, the ongoing transition from virtual private networks (VPNs) to zero-trust network access (ZTNA) and the shift to cloud-based delivery models, according to statistics published by Gartner’s number-crunchers.

The analyst said spending on security and risk management products and services will grow by 11.3% in 2023 to hit a new high of $188.336bn (£169.052bn).

“The pandemic accelerated hybrid work and the shift to the cloud, challenging the CISO [chief information security officer] to secure an increasingly distributed enterprise,” said Ruggero Contu, senior director analyst at Gartner.

“The modern CISO needs to focus on an expanding attack surface created by digital transformation initiatives such as cloud adoption, IT/OT-IoT convergence, remote working and third-party infrastructure integration,” he said. “Demand for technologies and services such as cloud security, application security, ZTNA and threat intelligence has been rising to tackle new vulnerabilities and risks arising from this exposure.”

More than two years into the Covid-19 pandemic, Gartner found continuing strong demand for technologies that can effectively secure the remote-hybrid work environment, with organisations still keen to spend on technologies such as web application firewalls, access management, endpoint protection platforms and secure web gateways, particularly if they can realise quick returns on their investment. However, it added, this demand may yet prove to be short lived.

Related to the remote-hybrid trend to some extent, ZTNA will continue to be the fastest-growing segment in networking security, witnessing growth of over 30% both in 2022 and next year. Gartner said this was being driven by demand for more protections for remote workers, and organisations stepping back from VPNs for secure access. Indeed, by 2026, Gartner predicts that as many as 70% of new remote access deployments will be served by ZTNA as opposed to VPNs, up from under 10% at the end of 2021. Looking ahead, as organisations become more familiar with ZTNA, there will be a growing trend to use it in office-based environments as well.

The growth in cloud security spend, meanwhile, is being predictably driven by adoption of multicloud environments bringing increased operational complexity and security risks. Gartner forecasts the combined market for cloud access security brokers and cloud workload protection platforms will rise by 26.8% to reach $6.7bn in 2023, accompanied by strong demand for cloud-based detection and response offerings – including endpoint and managed detection and response.

Read more about security spending

  • Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts.
  • Facing growing threats and becoming even more frequent targets for criminals, the channel’s key customer base needs to improve its level of protection if it is to thrive.

Indeed, Gartner predicts the strongest category will prove to be cloud security, which will grow by 26.8% to a total value of $6.688bn. This will be followed by application security, up 24.7% to $7.5bn; data privacy services, up 16.9% to $1.477bn; infrastructure protection, up 16.1% to $31.81bn; and identity access management, up 15.1% to $20.746bn.

Categories including data security services, information security software and integrated risk management will also see double-digit growth in 2023, but by far the largest category of spending, however, will remain security services, which includes consulting, hardware support, implementation and outsourced services, which will account for $76.468bn worth of spend in 2023, representing growth of 6.7%.

Read more on Network security management