Middle East and North Africa (MENA) spending on enterprise information security technology and services is on pace to reach $1,9-billion in 2019, an increase of 9,8% over 2018, according to the latest forecast from Gartner.

“Security and risk leaders will see new spending in areas related to cloud security and data security, driven by regulations and an increased awareness among organizations as their needs evolve to address more complex threats,” says Sam Olyaei, principal research analyst at Gartner. “Those two segments are set to achieve the highest growth rates in 2019, at 108% and 18% respectively.”

The enterprise information security spending market is comprised of five enterprise security product segments that will bolster growth in 2019:

* Cloud security spending will total $9-million — a 108% increase in 2019.

* Data security spending will total $125-million — a 17,6% increase in 2019.

* Infrastructure protection will total $225-million — a 10,5% increase in 2019.

* Integrated risk management will total $33-million — a 9,2% increase in 2019.

* Security services will total $798-million — a 9,9% increase in 2019.

These established security product segments benefit from strong growth rates due to net new adopters who are looking to rapidly increase their investments in security technology. Additionally, existing buyers of these technologies are looking to acquire more advanced capabilities in these areas, especially as organisations in the region race to catch up with government and national attitude toward digital transformation.

While the spending on cloud security products is set to increase 108% in 2019, the market remains much smaller than the other four segments, and this is primarily due to its relative immaturity. As large cloud service providers such as Amazon, Microsoft, and Alibaba establish data centres and service clients in the region, the market will continue to see double-digit growth in the future.

In the last few years, Gartner analysts witnessed organizations and governments in the MENA region adopting digital initiatives. “Digital business initiatives are changing how organizations identify, evaluate and confront risk,” says Olyaei. “Having an integrated view of risk management is also becoming more pervasive as organizations are increasingly participating in digital ecosystems, making them more vulnerable than ever before.

“CIOs have had to evolve their traditional cybersecurity systems to address the new cybersecurity risks that digital business initiatives introduce,” he adds.

Cybersecurity represents one of the major risks affecting MENA businesses and individuals today. Most attacks can be grouped into five categories that commonly exploit weaknesses through mechanisms such as socially engineered malware, phishing attacks, unpatched/insecure software, social media attacks, and the regular advanced persistent threats.

Organisations continue to feel the pressure to find the right people with the right skills to grow their security teams, particularly given the 24/7 nature of security operations functions. These ongoing skills shortages are driving demand for security services, particularly security outsourcing, managed security services and security consulting.

As the realities of digital sink in, the skills shortage may expose organizations to undue risk that increases the likelihood of a breach, causing ramifications for the organization in terms of data, monetary and brand reputation loss. Gartner estimates that 68% of digital organisations globally have a cybersecurity expert on staff, but remain incapable of managing digital risk.

“Security and risk management leaders should validate if their existing security programs can adequately address the emerging challenges resulting from participation in digital ecosystems, and build and develop new competencies and skills required to effectively support digital business initiatives,” says Olyaei.