How Will AI Shape the Future of Cybersecurity Spending?
So, Gartner just released a new forecast about global spending on information security. They’re projecting that by 2025, end-user spending worldwide will hit US$212 billion. That's a 15.1 percent increase from what they're estimating for 2024, which is around US$183.9 billion.
The main drivers for this increase? Well, the threat landscape is becoming more intense, especially with the movement to the cloud and the ongoing shortage of skilled cybersecurity professionals. These factors are really pushing security to the top of the priority list for organisations, especially for Chief Information Security Officers (CISOs). They're being pressured to ramp up spending on security to better protect their organisations.
There’s also a lot of focus on tools like endpoint protection platforms and endpoint detection and response. Many companies are reassessing their needs in these areas to improve their resilience and response capabilities, especially after the recent CrowdStrike outage.
Another big factor is the rise of AI and GenAI. These technologies are driving more investments in security software, especially in areas like application security, data security, and infrastructure protection. Gartner expects that by 2025, GenAI will lead to a 15 percent increase in spending on security software because of the extra resources needed to secure these technologies. Plus, with attackers increasingly using AI and large language models for social engineering, Gartner predicts that by 2027, about 17 percent of all cyberattacks and data breaches will involve generative AI.
As more companies move to the cloud, we’re also going to see a big jump in cloud security spending. Specifically, the market for cloud access security brokers and cloud workload protection platforms is expected to grow significantly, reaching US$8.7 billion by 2025, up from US$6.7 billion in 2024.
And then there’s the issue of the cybersecurity skills gap. This shortage is really pushing organisations to invest more in security services, such as consulting, professional services, and managed security services. This area is expected to grow faster than other security segments.
Focusing on the MENA region, spending on information security is also on the rise, projected to reach US$3.2 billion by 2025, which is a 14 percent year-on-year increase. This growth is largely due to the constantly changing regulatory environment and the rising number of cyberattacks in the region. As more businesses in MENA digitise and move to the cloud, their exposure to threats is increasing. So, CISOs in the region are really focusing on staying compliant with evolving regulations, countering persistent threats, and addressing concerns from executives about organisational resilience and cybersecurity posture.