Employers Increase Cybersecurity Spending: What About Your Organization?

A recent forecast from market analyst Gartner states that worldwide spending on security products will increase 12.4 percent this year, up to $114 billion. The forecast also predicts another 8.7 percent growth in spending in 2019, which puts the projected total spent on information security next year at $124 billion.

A 2017 survey conducted by Gartner found that security risks, business needs, and industry changes have led to increased cybersecurity spending.

The main drivers of spending are an "increased focus on building detection and response capabilities"; privacy regulations such as the European Union's Global Data Protection Regulation (GDPR); and "the need to address digital business risks." In addition, the organization predicts that privacy concerns will cause at least 10 percent of market demand for security services through next year.

The organization also found that security as a service may soon surpass on-premises deployments. According to its forecast, subscription and managed services will comprise at least 50 percent of security software delivery by 2020. "Gartner Forecasts Worldwide Information Security Spending to Exceed $124 Billion in 2019" gartner.com (Aug. 15, 2018).


Commentary and Checklist

Even though cybersecurity spending is now over $100 billion worldwide, it is still dwarfed by the cost of cybercrime. According to a study by McAfee and the Center for Strategic and International Studies, cybercrime cost more than $600 billion worldwide in 2017.

Per the above forecast, cybersecurity spending is increasing because cybercrime is becoming more common and complex, and organizations realize they must do more to address the risk.

Because the expense of recovering from a cyber attack is so high, it is a good idea for your organization to spend the money necessary to better protect it.

If your organization has not already done so, consider dedicating resources to creating a long-term cybersecurity plan. Your plan should focus on network-wide prevention, rather than ad hoc recovery. It must include an assessment of your current vulnerabilities, as well as predictions concerning future cyber risks. If you do not have a sufficient number of IT professionals in-house, contract with third-party cybersecurity professionals to determine how best to keep your network safe.

Also. invest in cybersecurity training for all employees. Often, one employee opening a malicious email attachment leads to a costly data breach. Making sure all employees know not to open unknown attachments or click on suspicious links, even from known senders, is a relatively low-cost, but essential, part of your cybersecurity measures.

Finally, your opinion is important to us. Please complete the opinion survey:

Select an Industry