Security spending shifting towards detection and response

This year, the cyber-security focus is shifting from prevention only, into detection and response territory. This is according to a new Gartner report, which also says cyber-security spending will hit the $90 billion mark this year. 

That’s actually a 7.6 per cent increase year-on-year. Spending will keep on growing, Gartner says, up to $113 billion in 2020. 

What’s interesting is that this shift has created new security product segments, including deception, endpoint detection and response, and software-defined segmentation. There’s also cloud access security brokers, or user behaviour analytics. Besides making businesses spend more on security, it’s also making them spend less on ‘traditional’ security solutions, like data security or enterprise protection platforms (EPP). 

"The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years," said Sid Deshpande, principal research analyst at Gartner. "While this does not mean that prevention is unimportant or that chief information security officers (CISOs) are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability."

According to Deshpande, the lack of skilled workers is one of the main drivers of security spending. Organisational knowledge on how to detect and respond to security incidents is also something organisations are lacking, he said. 

“Skill sets are scarce and, therefore, remain at a premium, leading organisations to seek external help from security consultants, managed security service providers (MSSPs) and outsourcers.”

Image Credit: Deepadesigns / Shutterstock