Weltweite Ausgaben für Informationssicherheit werden im Jahr 2017 90 Milliarden US-Dollar betragen.
Laut dem IT-Research und Beratungsunternehmen Gartner werden Unternehmen ihre Strategie im Bereich Informationssicherheit im Jahr 2017 ändern. Sie werden sich von einer reinen Prävention abwenden und sich dabei mehr auf Früherkennung und Bekämpfung konzentrieren. Die weltweiten Ausgaben für Informationssicherheit werden im Jahr 2017 90 Milliarden US-Dollar betragen – das entspricht einem Anstieg von 7,6 Prozent gegenüber 2016. Gartner prognostiziert, dass die Ausgaben bis zum Jahr 2020 113 Milliarden US-Dollar betragen werden. Gartner geht weiterhin davon aus, dass Unternehmen die Ausgaben bis zum Jahr 2020 hauptsächlich darauf verwendet werden, um die Erkennung und Reaktionsfähigkeit zu verbessern.
»Der Wandel hin zu Ansätzen von Früherkennung und Bekämpfung umspannt Menschen, Prozesse und Technologie-Elemente und wird für einen Großteil des Wachstums des Security-Markts in den nächsten fünf Jahren sorgen,« so Sid Deshpande, Principal Research Analyst bei Gartner.
Gartner Says Detection and Response is Top Security Priority for Organisations in 2017
Organisations are transforming their security spending strategy in 2017, moving away from prevention-only approaches to focus more on detection and response, according to Gartner, Inc. Worldwide spending on information security is expected to reach $90 billion in 2017, an increase of 7.6 per cent over 2016, and to top $113 billion by 2020. Spending on enhancing detection and response capabilities is expected to be a key priority for security buyers through 2020.
»The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years,« said Sid Deshpande, principal research analyst at Gartner. »While this does not mean that prevention is unimportant or that chief information security officers (CISOs) are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability.«
Mr Deshpande said that skills shortages are further driving spending on security services. Many organisations lack established organisational knowledge of detection and response strategies in security because preventive approaches were the most common tactics for decades. Skill sets are scarce and, therefore, remain at a premium, leading organisations to seek external help from security consultants, managed security service providers (MSSPs) and outsourcers.
The need to better detect and respond to security incidents has also created new security product segments, such as deception, endpoint detection and response, software-defined segmentation, cloud access security brokers, and user and entity behaviour analytics. These new segments are creating net new spending, but are also taking spend away from existing segments such as data security, enterprise protection platform (EPP) network security and security information and event management.
On the services side, the emergence of specialised managed detection and response services is a threat to traditional MSSPs. The rising number of point solutions in the security market that address detection and response is creating sprawl and manageability issues for CISOs and security managers, driving spending for management platforms and services that are better integrated with adjacent markets.
As enterprises shift toward balancing prevention with newer detection and response approaches, CISOs are changing how they measure the success of their security strategy. All security investments are being measured on how they contribute to the shift in mindset. Even preventive security controls, such as EPP, firewalls, application security and intrusion prevention systems, are being tweaked to provide more intelligence into security operations, analytics and reporting platforms.
»CISOs are keen to communicate the return on investment of their security strategy in terms of the business value associated with quick damage limitation, in addition to threat prevention and blocking,« said Lawrence Pingree, research director at Gartner. »The key enabler for CISOs in this endeavour is to get visibility across their security infrastructure to make better decisions during security incidents. This visibility will enable them to have a more strategic and risk-based conversation with their board of directors, CFO and CEO about the direction of their security programme.«
Gartner clients can read more about the trends that are transforming the security market in the report: »Market Insight: Security Market Transformation Disrupted by the Emergence of Smart, Pervasive and Efficient Security.« https://www.gartner.com/login/loginInitAction.do?method=initialize&TARGET=http%253A%252F%252Fwww.gartner.com%252Fdocument%252F3592617
Hier folgt eine Auswahl an Fachbeiträgen, Studien, Stories und Statistiken die zu diesem Thema passen. Geben Sie in der »Artikelsuche…« rechts oben Ihre Suchbegriffe ein und lassen sich überraschen, welche weiteren Treffer Sie auf unserer Webseite finden. Diese Auswahl wurde von Menschen getroffen und nicht von Algorithmen.
Daten- und Informationssicherheit – Interne IT-Bedrohungen entdecken und aktiv abwehren
Leitfaden zur Zertifizierung von Informationssicherheit und Datenschutz
Umsetzung von IT- und Informationssicherheit häufig mangelhaft
Globales Informationssicherheits-Managementsystems (ISMS) nach ISO/IEC 27001:2013
Banken investieren dreimal mehr in IT-Sicherheit als andere Bereiche
Vorhersagen zu wachsenden IT-Sicherheitsbedrohungen werden Realität
IT-Sicherheit 2017: Sicherheitslücken im Internet der Dinge besser schließen