SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Global spending on cybersecurity to grow by almost 6%
Tue, 21st Jul 2020
FYI, this story is more than a year old

Spending on cybersecurity throughout the world will increase by 5.6% year-on-year in 2020 – and even if the global economy worsens and IT budgets suffer, the cybersecurity market will still grow by at least 2.5%.

That's according to a new report from Canalys, which found that this year US$43.1 billion will be spent globally on endpoint, network, web, email and data security, as well as vulnerability and security analytics – a jump from $40.8 billion in 2019.

The report's findings indicate definitively that despite 2020 being a year of financial uncertainty, it's also a year where the importance of and engagement with cybersecurity has never been greater – both one of many outcomes stemming from the COVID-19 pandemic.

While COVID-19-related cyber-attacks, such as phishing campaigns, still remain common, reported cases have been falling since the peak in March and April as people desperate for information about the pandemic fell for phishing lures. But the risks associated with remote working, now an acceptable way to conduct business, have not gone away.

“The emergence of COVID-19 in January saw a surge in targeted phishing campaigns and malicious domains established to lure end users searching for information,” says Canalys research analyst Ketaki Borade.

“These fell once lockdown took effect. But hackers continue to target organisations and individuals by compromising unsecured and poorly trained remote workers via numerous vectors, including email, social engineering and RDP brute force attacks.

“Organisations will have to reassess changes to workflows, application use, customer engagement and training for cybersecurity awareness in a more virtual workplace.

Threats and vulnerabilities persist, compliance and regulations abound, and ecosystem requirements still need strengthening. Remote working has also necessitated the provision of secure endpoints, secure access to corporate resources and extension of perimeter defences, according to the report.

“The shift to subscriptions will shield cybersecurity from immediate IT spending cuts, but additional expenditure will be affected for the rest of the year as organisations begin the next stage in their response to the pandemic,” says Canalys chief analyst Matthew Ball.

“The switch from free trials to paid-for subscriptions will be a factor in maintaining cybersecurity growth.

“But the mix of cost containment measures, workforce reduction and cashflow issues will result in greater scrutiny of existing projects and smaller deals.

“Delays and cancellations of new initiatives will increase, except those that enable cost reductions and secure high-priority digital transformation initiatives.

The report makes distinctions between growth rates for different technology segments.

Network security will retain its position as the largest segment by amount spent, at 36% of overall spending, and enpoint security will see high growth rates mostly through the proliferation of remote working – though this rate will slow after the initial strong investment in Q1.

Funds will likely be redirected from traditional, appliance-based perimeter defences, which are set to experience negative growth rates, according to Canalys.

Cloud deployment options, however, will see increased spending, with a new focus on securing cloud-deployed workloads – especially as business continuity measures continue to be planned and enacted this year.

“Large-scale remote working will be in place for a lot longer than previously envisioned when lockdown first took effect in March,” says Borade.

“While some employees will return to the workplace over the coming months, organisations will have to maintain a highly decentralised workforce that can work anywhere for the foreseeable future.

“This includes a combination of remote-only and flexible workers, as well as on-site-only workers that can quickly transition to remote-only working if a localised or national lockdown arises again.”