Enterprises are transforming their cyber security spending strategies this year, moving away from prevention-only approaches to focus more on detection and response, according to Gartner Inc.

Spending on enhancing detection and response capabilities is expected to be a key priority for security buyers through 2020.

"The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years," said Sid Deshpande, principal research analyst at Gartner.

"While this does not mean that prevention is unimportant or that chief information security officers [CISOs] are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability," Deshpande said.

Skills shortages are further driving spending on security services, Deshpande said. Many organizations lack established organizational knowledge of detection and response strategies in security because preventive approaches have been the most common tactics for decades. Skill sets remain at a premium, leading organizations to seek external help from security consultants, managed security service providers (MSSPs) and outsourcers.

The need to better detect and respond to security incidents has also created new security product segments, such as deception, endpoint detection and response (EDR), software-defined segmentation, cloud access security brokers (CASBs), and user and entity behavior analytics (UEBA).

These new segments are creating net new spending, but are also taking spend away from existing segments such as data security, enterprise protection platform (EPP) network security and security information and event management (SIEM).

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access

Bob Violino

Bob Violino

Bob Violino is a freelance technology and business writer who covers a variety of topics, including big data and analytics, cloud computing, information security and mobile technology.