Dive Brief:
- Gartner expects spending on information security to increase just 2.4% this year, down from December projections of 8.7% growth, according to the firm's analysis. Spending is expected to reach $123.8 billion this year.
- While the IT market slowed spending because of COVID-19, a few security segments benefited, including cloud security spending, which is expected to grow 33.3% year-over-year to $585 million in 2020. "Some security spending will not be discretionary and the positive trends cannot be ignored," said Lawrence Pingree, managing VP at Gartner, in the report.
- Cloud-based security made some solutions "more resilient to a downturn," according to the report. Secure email and web gateways contributed to more than 50% of cloud-based delivery model deployments.
Dive Insight:
Just like other industries, the tech industry was impacted by COVID-19. Solutions were deployed in days to facilitate remote work, security had to scale quickly.
Gartner's initial 2020 forecast projected IT spending would reach $3.9 trillion this year, the firm has since decreased it to $3.4 trillion. The firm expects certain industries, including travel and entertainment, to face disruption long-term and take up to three years to recover their usual IT spend.
Though Gartner didn't break down segments of the infosec market as they relate to COVID-19, there are areas "supported" by stay-at-home orders, including VPNs and firewalls, endpoint protection platforms, cloud security and secure web gateways, Pingree told CIO Dive in an email.
The large projected growth in the cloud security segment has particular focus in cloud access security brokers, according to Pingree. Spending on network security equipment had the steepest decline, and is expected to drop 12.6% from 2019 to 2020.
The pandemic also highlighted "more emerging concepts," including zero trust network access, secure access services edge and software defined perimeter, all responses to a predominantly remote workforce, said Pingree.
Security organizations face routine audits and have to consider:
- How a remote employee's identity is proven
- What is the required degree of repudiation
- How a device's trustworthiness verified
- How the internal network is protected by an distrusted external device
New employees or devices challenge the status quo of security daily. Experts expect vendors to spend this time innovating as companies realize perimeter security is fueled by digital transformation.
Pingree's "notable beneficiaries" of the current security environment include Trend Micro, McAfee, Symantec, Microsoft, Zscaler, Palo Alto Networks, Proofpoint, Cisco, Fortinet, VMware and Citrix. Each company offers solutions targeted at remote access and network defense.