The global market for security and services will rise to $67.2 billion (£45 billion) in 2013, with further stellar growth taking that as high as $86 billion by 2016, Gartner analysts at the firm’s Security & Risk Management Summit have predicted.
Year-on-year, 2013 will see 8.7 percent growth compared to 2012, which saw sales of $61.8 billion.
The major influences on spending are now the growing complexity of attacks which raises the volume of data required for their detection by defenders teams, they said. This requires upgrades in equipment and supporting services.
Attackers were also becoming not only harder to detect with single layers of defence (such as firewalls) but harder to get rid of once they had breached defences thanks to attack methods designed to steal ‘persistent’ credentials.
"Mitigating the threat from ATAs [advanced targeted attacks] required a defence-in-depth strategy across multiple security controls," said Gartner’s research director, Lawrence Pingree.
"Organisations should employ a defence-in-depth, layered approach model. Organisations must continue to set the security bar higher, reaching beyond many of the existing security and compliance mandates in order to either prevent or detect these newly emergent attacks and persistent penetration strategies,” he argued.
Trends such as BYOD would also shift the emphasis from devices towards application security, giving security service providers an opportunity to “capture” some of the budgets set aside for traditional endpoint security.
All of this implied changes in the personnel and skills needed that would be in demand from security professionals, with the emergence of data analysts - information scientists if you like – appearing in more organisations.
"To support the growing need for security analytics, changes in information security people, technologies, integration methods and processes will be required, including security data warehousing and analytics capabilities, and an emerging role for security data analysts within leading-edge enterprise information security organisations," said Gartner research director, Eric Ahlm.
As an aside, one trend not mentioned by Gartner is the arrival of challenges to its own dominant position as the analyst that will guide the industry through this period of change using its famous Magic Quadrant vendor assessment
This week crowdsourced upstart rival G2 Crowd finally launched its first Grid oriented towards the CRM market. This bases its judgments not on analyst opinions of the sort used by Gartner but the views of verified customers in each sector.
Gartner's Security & Risk Management Summit runs from 10-13 June in National Harbour Maryland with follow-up events planned for Sydney in August and London in September.