Australian organisations will spend more than A$4.9 billion on enterprise information security and risk management products and services in 2021, according to the latest forecast by Gartner.
The analysis firm says the spend represents an increase of 8% from 2020.
Gartner analysts showed how security and risk management leaders can advance their IT security and risk strategy at the Gartner Security - Risk Management Summit APAC.
According to Richard Addiscott, senior research director at Gartner, recent high profile cyberattacks such as the SolarWinds hack, impending legislative changes in the form of the Security Legislation Amendment (Critical Infrastructure) Bill 2020, and regulatory obligations are keeping security and risk top of mind for Australian organisations,
“Many of the conversations we are having with government and private sector clients in Australia revolve around the Essential Eight, varying State Government cybersecurity frameworks, and regulatory instruments such as APRA's Prudential Standard CPS 234," Addiscott says.
"Organisations are being directed to implement these strategies to mitigate cybersecurity incidents,” he says.
“However, the road to full implementation is not an easy path, and nor should it be seen as a cybersecurity panacea," Addiscott adds.
"Rather than adopting a compliance-centric posture, organisations need to adopt a risk-based approach to security, protecting the organisation from the most critical threats while focusing on business outcomes," he explains.
In the Gartner 2021 CIO Agenda Survey, cybersecurity was the no. 2 priority for new spending, with 67% of Australia and New Zealand respondents increasing investment in cyber/information security, second only to business intelligence and data analytics (73%).
Security services including consulting, hardware support implementation and outsourcing services represent the biggest category of information security spending by Australian organisations. The smallest but fastest growing area for investment is cloud security, forecast to total $20 million this year (see Table 1).
Enterprise Information Security - Risk Management End User Spending by Segment, Australia, 2020-2021 (Millions of Australian Dollars)
Gartner clients can read more in the report “Forecast: Information Security and Risk Management, Worldwide, 2018-2024, 4Q20 Update.”