The fact that organizations will be spending much more on cybersecurity in 2019 shouldn’t come as a surprise given the continued increase in both volume and sophistication of the attacks being launched.
IDC is forecasting that worldwide spending on security-related hardware, software, and services will reach $91.4 billion in 2018, an increase of 10.2 percent over the amount spent in 2017. IDC predicts spending on IT security will achieve a compound annual growth rate (CAGR) of 10 percent over the 2016-2021 forecast period to reach a total of $120.7 billion in 2021. Gartner projects worldwide spending on information security products and services will reach more than $114 billion in 2018, an increase of 12.4 percent from last year. In 2019, Gartner is forecasting there will be an 8.7 percent growth rate to $124 billion.
What matters most to managed service providers is to what degree IT security will be delivered as a service. IDC says managed security services are now the fastest growing segment of the IT security sector, with a compound annual growth rate of 14.7 percent expected through 2021. Gartner estimates that by 2020, managed and subscription-based security services will account for half of the revenue generated in the cybersecurity category.
Clearly, a sea change is underway in terms of how cybersecurity technologies are consumed. There’s still a significant bias towards internal IT organizations deploying IT security technologies on their own. But many more organizations are coming to terms with the fact that cybersecurity is a battle they can’t win on their own. The arsenal of cybersecurity technologies that need to be deployed are more complex to manage than ever and most organizations are shorthanded when it comes to cybersecurity expertise. There are already millions of cybersecurity positions going unfilled. Even when an organization can find cybersecurity talent, many soon find they don’t have the financial means to retain them. Headhunters are having a field day poaching cybersecurity talent.
The need to apply artificial intelligence (AI) will also drive a transition to the cloud. The amount of data required to apply machine and deep learning algorithms to cybersecurity necessitates more reliance on a less expensive approach to accessing the compute resources required to process all the data needed to train AI models. The reference engine to run those AI models, however, is likely to be deployed at the edge of the network. In effect, that creates a hybrid cybersecurity framework that MSPs will soon be called upon to manage.
Increasingly, organizations are going to come to expect their MSP to become their first line of defense. The goal is to shift the cybersecurity battle away from the systems of the organization contracting the MSP. That battle needs to be fought in the network pipes that cybersecurity criminals are employing to distribute malware payloads, which are becoming more lethal with each passing day. MSPs are now in a unique position to provide the expertise needed to mount those defenses. In fact, those that can’t provide that level of defense may soon find that as cybersecurity become table stakes for MSPs, they might not be as relevant to their end customers as they once were.
Photo: wutzkohphoto / Shutterstock.