Spending on information security still favors preventive measures

Worldwide spending on information security products and services is increasing. That’s the good news. The bad news is that organizations continue to favor preventative measures over detection and response – which is key to fighting advanced persistent threats (APTs).

According to Gartner, worldwide spending on information security products and services will reach $81.6 billion this year, an increase of 7.9% over 2015. Preventive security will continue to show strong growth, as many security practitioners continue to prefer preventative measures.

On the one hand, it’s no surprise that security practitioners continue to invest in preventive measures rather than divert some of those funds to detection and response. Security teams are resource strapped. They don’t have the people and skills to deploy, manage and use an effective combination of tools to detect threats, stop them, and then recover the environment to a known good state. So instead, they’re pouring almost everything they’ve got into prevention.

On the other hand, it is well known (I thought?) that preventive measures do not stop APTs. Today’s threats can evade preventive controls and sit on the network any length of time before they are finally detected – if they are detected.

Gartner reports that consulting and IT outsourcing are currently the largest categories of spending on information security. This could be IT organizations’ saving grace. Gartner reports that managed detection and response (MDR) is emerging, with demand coming from organizations that don’t have the resources to do it themselves. With more MDR providers emerging targeting the midmarket, Gartner foresees these services being an additional driver for security spending for both large and smaller organizations.

In addition, solutions such as security information and event management (SIEM) and secure web gateways (SWGs) are evolving to support detection-and-response approaches. Gartner expects the SWG market will maintain its growth of 5 to 10% through 2020 as organizations focus on detection and response.

Takeaways for technology marketers

If your company provides a detection-and-response solution:

  • Continue to drive home the message that preventive solutions do not stop APTs and that a modern security strategy requires detection and response.
  • Create content to help security practitioners make a business case for your solution.
  • Highlight in white papers, blogs, etc., how your solution makes it possible for even resource-strapped organizations to have an effective detection-and-response strategy.

Other notable statistics

Gartner also reports:

  • The average selling price for firewalls is expected to increase by at least 2 or 3% year over year until the end of 2018.
  • By 2018, 90% of organizations will implement at least one form of integrated data loss prevention (DLP), up from 50% today.
  • Public cloud adoption will impact firewall spending by less than 10% until the end of 2019 but will have an impact after that.
  • Half of midsize and large organizations will add bigger, more advanced inspection-oriented features to their network firewalls by 2019.