Global spending on security and risk management is set to see a significant increase in 2024, with projections indicating a rise to $215 billion, a 14.3% increase from the $188.1 billion estimated for 2023, according to the latest forecast by Gartner, Inc. This surge is attributed to the continuous adoption of cloud technology, the expanding hybrid workforce, the rapid emergence of generative AI (GenAI), and an evolving regulatory environment.

Gartner claims that security and risk management leaders are being compelled to boost their spending to adapt to these changes. They are focusing on adopting technical security capabilities that enhance visibility and responsiveness across their organizations’ digital ecosystems. Additionally, they are reorganizing their security operations to maintain agility without compromising on security.

Two areas expected to experience the highest growth rates in 2024 are data privacy and cloud security, with each segment anticipated to grow by more than 24% year-over-year. This growth is reflective of the increasing organizational priority on privacy, spurred by emerging regulations that affect personal data processing, including those related to AI use. Gartner predicts that by 2025, privacy regulations will cover the personal data of 75% of the global population.

The breakdown of end-user spending across various segments from 2022 to 2024 shows considerable growth across the board. Notably, application security, cloud security, data privacy, and data security are among the segments with the most substantial growth percentages.

The public cloud services sector is a major driver of this increase, particularly in cloud security spending. The combined expenditure on cloud access security broker software (CASB) and cloud workload protection platforms (CWPP) alone is expected to reach $7 billion in 2024, marking a 24.7% rise from 2023. Additionally, the demand for cloud-based detection and response solutions, like endpoint detection and response (EDR) and managed detection and response (MDR), is also predicted to climb in 2024.

Another significant component of this spending growth is the security services segment, which includes consulting, IT outsourcing, implementation, and hardware support. This sector is forecasted to account for $90 billion in 2024, an 11% increase from 2023. It is expected to represent 42% of the total security and risk management end-user spending in 2024, remaining the largest area of expenditure in the field.

It is critical for organizations to build and optimize cybersecurity programs in light of increasing cyber risks and proliferating threats. Education and training programs that can identify employee risk in advance of a threat are best positioned to deliver training to those vulnerabilities. Gone are the days of compliance-centric Security Awareness Training for the whole company. Today’s advanced human risk management programs are based on actual employee behaviors operating within the environment and interacting with the actual security tools installed.

These programs are essential for securing new environments, protecting against an expanded attack surface, adopting security capabilities in novel ways, and enhancing efficiencies through automation. As organizations navigate a changing operational landscape, the role of comprehensive and advanced cybersecurity initiatives becomes increasingly vital.