Australian organizations will spend more than A$4.9 billion on enterprise information security and risk management products and services in 2021, an increase of 8% from 2020, according to the latest forecast from Gartner, Inc.
Gartner analysts showed how security and risk management leaders can advance their IT security and risk strategy at the Gartner Security & Risk Management Summit APAC, taking place virtually this week.
Recent high profile cyberattacks such as the SolarWinds hack, impending legislative changes in the form of the Security Legislation Amendment (Critical Infrastructure) Bill 2020, and regulatory obligations are keeping security and risk top of mind for Australian organizations, according to Richard Addiscott, senior research director at Gartner.
“Many of the conversations we’re having with government and private sector clients in Australia revolve around the Essential Eight, varying State Government cybersecurity frameworks, and regulatory instruments such as APRA’s Prudential Standard CPS 234. Organizations are being directed to implement these strategies to mitigate cybersecurity incidents,” said Mr. Addiscott.
“However, the road to full implementation is not an easy path, and nor should it be seen as a cybersecurity panacea. Rather than adopting a compliance-centric posture, organizations need to adopt a risk-based approach to security, protecting the organization from the most critical threats while focusing on business outcomes.”
In the Gartner 2021 CIO Agenda Survey, cybersecurity was the no. 2 priority for new spending, with 67% of Australia and New Zealand respondents increasing investment in cyber/information security, second only to business intelligence and data analytics (73%).
Security services including consulting, hardware support implementation and outsourcing services represent the biggest category of information security spending by Australian organizations. The smallest but fastest growing area for investment is cloud security, forecast to total $20 million this year (see Table 1).
Table 1
Enterprise Information Security & Risk Management End User Spending by Segment, Australia, 2020-2021 (Millions of Australian Dollars)
Segment
|
2020 Spending |
2020 Growth (%) |
2021 Spending |
2021 Growth (%) |
Application Security |
63 |
6.6% |
67 |
7.4% |
Cloud Security |
15 |
50.4% |
20 |
33.8% |
Data Security |
77 |
4.8% |
83 |
7.2% |
Identity Access Management |
385 |
9.0% |
429 |
11.5% |
Infrastructure Protection |
505 |
7.8% |
558 |
10.5% |
Integrated Risk Management |
285 |
6.8% |
313 |
9.7% |
Network Security Equipment |
193 |
0.7% |
203 |
5.2% |
Other Information Security Software |
52 |
-2.5% |
52 |
-0.7% |
Security Services |
2,985 |
5.7% |
3,202 |
7.3% |
Total |
4,560 |
6.0% |
4,927 |
8.0% |
Source: Gartner (March 2021)
Gartner clients can read more in the report “Forecast: Information Security and Risk Management, Worldwide, 2018-2024, 4Q20 Update.”
About Gartner Security & Risk Management Summits
The Gartner Security & Risk Management Summit 2021 brings together security, risk and identity and access management (IAM) decision makers looking to adapt and evolve their organization through disruption and uncertainty, navigate risks and prioritize investments. Follow news coming from the Gartner Security & Risk Management Summit on the Gartner Newsroom and on Twitter using #GartnerSEC.
Upcoming dates and locations for Gartner Security & Risk Management Summit include:
September 13-15 in London
September 20-22 in Orlando, FL
October 6-8 in Tokyo
About the Gartner Information Technology Practice
The Gartner IT practice provides CIOs and IT leaders with the insights and tools to drive the organization through digital transformation to lead business growth. Additional information is available at https://www.gartner.com/en/information-technology. Follow news and updates from the Gartner IT practice on Twitter and LinkedIn using #GartnerIT.