Gartner projects that global end-user spending on information security will reach US$212 billion by 2025, marking a 15.1% increase from 2024's estimated US$183.9 billion. This surge is driven by a heightened threat landscape, increasing cloud adoption, and a critical talent shortage in cybersecurity. Shailendra Upadhyay, a senior research principal at Gartner, emphasizes that these factors compel chief information security officers (CISOs) to escalate their security spending.
Table 1. Information Security End-User Spending by Segment, Worldwide, 2023-2025 (Millions of U.S. Dollars)
“Furthermore, organisations are currently assessing their endpoint protection platform (EPP) and endpoint detection and response (EDR) needs and making adjustments to boost their operational resilience and incident response following the CrowdStrike outage.” Shailendra Upadhyay
The rise of artificial intelligence, particularly generative AI (GenAI), is also transforming the security landscape. As organisations invest more in security software—particularly in application security, data privacy, and infrastructure protection—GenAI is expected to drive a 15% increase in spending on security resources by 2025.
Notably, Gartner forecasts that by 2027, 17% of cyberattacks will involve generative AI, with attackers utilizing advanced tools and large language models for large-scale social engineering tactics.
As businesses continue to migrate to the cloud, there will be a corresponding rise in demand for cloud security solutions. The market for cloud access security brokers (CASB) and cloud workload protection platforms (CWPP) is projected to grow from US$6.7 billion in 2024 to US$8.7 billion by 2025.
Moreover, the ongoing skills shortage in the cybersecurity sector is spurring significant investment in security services, including consulting and managed security services, which are expected to outpace growth in other security segments. This landscape underscores the urgent need for organisations to enhance their security frameworks in response to evolving threats.
