Cybersecurity spending puts new emphasis on detection and response

Register now

Enterprises are transforming their cyber security spending strategies this year, moving away from prevention-only approaches to focus more on detection and response, according to Gartner Inc.

Spending on enhancing detection and response capabilities is expected to be a key priority for security buyers through 2020.

"The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years," said Sid Deshpande, principal research analyst at Gartner.

"While this does not mean that prevention is unimportant or that chief information security officers [CISOs] are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability," Deshpande said.

Skills shortages are further driving spending on security services, Deshpande said. Many organizations lack established organizational knowledge of detection and response strategies in security because preventive approaches have been the most common tactics for decades. Skill sets remain at a premium, leading organizations to seek external help from security consultants, managed security service providers (MSSPs) and outsourcers.

The need to better detect and respond to security incidents has also created new security product segments, such as deception, endpoint detection and response (EDR), software-defined segmentation, cloud access security brokers (CASBs), and user and entity behavior analytics (UEBA).

These new segments are creating net new spending, but are also taking spend away from existing segments such as data security, enterprise protection platform (EPP) network security and security information and event management (SIEM).

For reprint and licensing requests for this article, click here.