Editorial

Cybersecurity investment to grow 10 percent in 2021

Cybersecurity market value is expected to reach $60.2 billion in 2021, says Canalys

Posted 25 January 2021 by

Cybersecurity spending will increase 10.0 percent worldwide in the best-case scenario in 2021, according to the latest quarterly Canalys cybersecurity forecast.

Cybersecurity will remain a high priority this year, as the range of threats broadens and new vulnerabilities emerge, while the frequency of attacks is unlikely to subside. The forecast assumes current investment trends will persist.

The first half of the year will be affected by ongoing lockdown restrictions and furloughs in response to the pandemic. COVID-19 vaccine approvals and the start of mass vaccination programmes have set a timeframe for reopening economies and a sustained global recovery from mid-year.

The overall cybersecurity market value is expected to reach $60.2 billion in 2021, covering shipments of endpoint security, network security, web and email security, data security, vulnerability and security analytics, and identity access management.

Even in Canalys’ worst-case scenario, the outlook is for annual growth of 6.6 percent. This assumes a deeper and protracted economic impact from lockdowns, and considers the emergence of new variants of the virus.

Cybersecurity budgets have been resilient during the pandemic so far. SMB spending was affected though, and workforce reductions and furloughs hurt some renewals and multi-year deals, especially in the hardest-hit sectors, including hospitality, retail and transport. Supply chain issues were also a factor in hardware fulfilment earlier in 2020 but have since eased.

Record number of data breaches

Despite the continued growth in cybersecurity investment, the number of data breaches and records being compromised, as well as ransomware attacks, reached an all-time high last year. More than 12 billion records, containing a range of personal identifiable information, were reportedly compromised in 2020, while the number of known ransomware attacks increased by nearly 60 percent. Misconfigurations of cloud-based databases and phishing campaigns targeting the vulnerabilities of unsecured and poorly trained remote workers were key factors. With the healthcare and education sectors under extraordinary pressure, more attacks and online fraud were directed at them. Ongoing mass remote working and learning, and the acceleration of digital transformation projects will maintain this trend in 2021.

“The biggest threats are always those not yet known. The discovery of the SUNBURST advanced persistent threat campaign at the end of 2020, stemming from malicious code injected into the widely used SolarWinds Orion IT management platform and subsequent infiltration into other systems, highlights this,” said Matthew Ball, Canalys chief analyst.

“Cybersecurity professional services engagements in response to this latest issue will be one of many factors contributing to sustained investment this year, especially in newer solutions to mitigate emerging threats. Growth in add-on subscriptions providing new features, products to secure the cloud and delivered from the cloud, and upgrades to existing solutions will be key drivers for expansion. The need for organisations to adopt multi-layered and holistic approaches, combining employee awareness training, data protection and backup, threat and vulnerability detection, and response will remain critical.”

Growth areas

Canalys forecasts web and email security will grow 12.5 percent in 2021, one of the highest growth segments, as disparate technologies converge to secure persistent connections between users and cloud services. Vulnerability and security analytics will increase 11 percent, expanding beyond logging and monitoring to threat intelligence, behaviour analysis and automated response. Growth in endpoint security will slow to 10.4 percent after a strong 2020. It will remain a vital part of cybersecurity stacks, as many office-based workers remain working remotely.

Identity access management, a key part of Zero Trust policies, underpinning secure access to data and applications, will grow 10.4 percent. Network security will be the largest segment, increasing eight percent driven by the restart of delayed upgrade projects. Data security will increase 6.6 percent, focusing on protection, backup and recovery as well as consistent policies across multi-cloud and hybrid-IT environments.