Worldwide spending on security solutions and services is forecast to be $219 billion in 2023, an increase of 12.1% compared to 2022, according to IDC.
Investments in hardware, software, and services related to cybersecurity are expected to reach nearly $300 billion in 2026, driven by the ongoing threat of cyberattacks, the demands of providing a secure hybrid work environment, and the need to meet data privacy and governance requirements.
“Spend on security products and services will continue to outperform growth in overall IT spending,” said Serena Da Rold, associate research director, IDC Data & Analytics.
“Almost all industries and company size segments will see low double-digit growth through 2026, driven by the expansion of cloud and container deployments, the need to secure remote access to resources, and the compliance requirements of privacy and data protection legislation. The more mature industries, and largest spenders, will grow faster than average as they continue to invest in cutting edge security solutions to prevent and fend off ransomware attacks on their distributed workforce and to protect critical infrastructure, which is increasingly connected to the IT network,” concluded Da Rold.
Endpoint security will be the leading software category
The industries that will deliver the largest investments in security products and services in 2023 are banking, discrete manufacturing, professional services, and federal/central government. Both banks and discrete manufacturers will invest about evenly in software and services with the largest expenditures going toward managed security services to protect against cyberattacks.
In comparison, professional services will see notably greater investments in software with a focus on governance, risk, and compliance (GRC) and endpoint security. Services spending will also be the largest area of focus for federal/central government. Combined, these four industries will account for more than a third of all security spending in 2023. The industries that are expected to have the fastest spending growth over the 2021-2026 forecast period are securities & investment services, telecommunications, and banking.
Software will be the largest technology group in 2023, representing nearly half of all security spending this year. Endpoint security will be the leading software category, followed by identity and digital trust software and cybersecurity analytics, intelligence, response, and orchestration software.
USA tops security spending in 2023
Services will be the second largest technology group, led by the managed security services category with $42 billion in spending expected this year. Hardware spending will be dominated by network security appliances. Software will be the fastest growing of the three technology groups with a five-year compound annual growth rate of 13.7%, followed by services at 11.0%.
The United States will be the largest geographic region for security spending in 2023. Discrete manufacturing and professional services will the leading industries for security spending in the USA. The second largest region for security spending will be Western Europe, where the banking and discrete manufacturing industries will be the leading investors.
Asia/Pacific (excluding Japan and China) and the People’s Republic of China will be the next largest regions for security spending this year. China is forecast to see the fastest spending growth over the 2021-2026 forecast period with a five-year CAGR of 18.8%.
Europe’s IT security spending to grow over 10%
“The total IT security spending in Europe will keep on growing at more than 10% over the forecast period. The biggest portion of that spending will still be represented by services, which will be increasingly leveraged especially by organizations with limited competences in the security area to protect their data and assets from the threat of ransomware attacks exacerbated by the current geopolitical situation in the region. The top IT security spending sectors in Europe will be finance – which will also have to constantly ensure regulatory adherence – and manufacturing – which will need to defend against increasingly frequent cyberattacks on production plants,” said Stefano Perini, senior research analyst, IDC European Data & Analytics.