Worldwide cybersecurity spending could grow as much as 5,6% in 2020.
This is the best-case scenario, where investment continues to outpace the economy, according to Canalys.
The overall shipment value, covering endpoint security, network security, web and email security, data security, and vulnerability and security analytics, is expected to reach $43,1-billion.
Even in Canalys’ worst-case scenario, if IT budgets come under serious pressure, the global cybersecurity market is still forecast to grow 2,5% in 2020.
This assumes the maximum level of negative economic impact and duration of the Covid-19 pandemic.
Cybersecurity will remain a top priority for most organisations in 2020, as threats and vulnerabilities persist and compliance, regulations and ecosystem requirements strengthen.
It underpinned the mass shift to remote working during lockdown by securing newly provisioned endpoints, providing secure access to corporate resources and extending perimeter defenses beyond physical corporate networks.
“The shift to subscriptions will shield cybersecurity from immediate IT spending cuts, but additional expenditure will be affected for the rest of the year as organizations begin the next stage in their response to the pandemic,” says Matthew Ball, chief analyst at Canalys.
“The switch from free trials to paid-for subscriptions will be a factor in maintaining cybersecurity growth. But the mix of cost containment measures, workforce reduction and cashflow issues will result in greater scrutiny of existing projects and smaller deals.
“Delays and cancellations of new initiatives will increase, except those that enable cost reductions and secure high-priority digital transformation initiatives.”
2020 cybersecurity growth rates will vary by technology segment. Endpoint security will see high growth rates, as remote working practices are extended, though momentum will slow after strong investment in Q1, especially in SMB customer segments.
Network security will remain the largest segment, at 36% of spending. But the reprioritisation of budgets will defocus spending on traditional appliance-based perimeter defenses. This will lead to negative growth rates.
Organisations will have to boost spending in other areas of their security stack to address new vulnerabilities created by a more decentralized workforce through multi-layer prevention plus detection and response. This will incorporate web and email security, data security, and vulnerability and security analytics.
Spending will also shift to cloud deployment options and securing cloud-deployed workloads, as organizations optimize business continuity measures and accelerate cloud migration.
“Large-scale remote working will be in place for a lot longer than previously envisioned when lockdown first took effect in March,” says Ketaki Borade, Canalys research analyst. “While some employees will return to the workplace over the coming months, organizations will have to maintain a highly decentralised workforce that can work anywhere for the foreseeable future.
“This includes a combination of remote-only and flexible workers, as well as on-site-only workers that can quickly transition to remote-only working if a localized or national lockdown arises again.” L
The latest Canalys research for Western Europe, for example, forecasts the proportion of workers working from home regularly will grow from 12% pre-Covid-19 to 28% in the post-Covid-19 pandemic era.
The implications for cybersecurity are far-reaching. “The emergence of Covid-19 in January saw a surge in targeted phishing campaigns and malicious domains established to lure end users searching for information,” says Borade. “These fell once lockdown took effect.
“But hackers continue to target organizations and individuals by compromising unsecured and poorly trained remote workers via numerous vectors, including email, social engineering and RDP brute force attacks. Organisations will to have reassess changes to workflows, application use, customer engagement and training for cybersecurity awareness in a more virtual workplace.”