Report: Cybersecurity Strategy Moving From Prevention to Detection
Cybersecurity spending is on the rise, but it’s being driven by detection and response over prevention, according to a new Gartner research report. The trend will likely cause changes in how security is managed and how success is measured.
The future of cybersecurity strategy is going to be driven by a thoughtful approach to response.
That’s according to a new analysis by the IT research firm Gartner, whose recent report, “Market Insight: Security Market Transformation Disrupted by the Emergence of Smart, Pervasive and Efficient Security” [subscription required], says prevention-driven approaches are falling by the wayside.
Gartner projects that information security spending will reach $90 billion worldwide this year, a jump of 7.6 percent from 2016, and will likely grow to $113 billion by 2020. Much of that spending will be driven by an increase in detection and response capabilities, according to Gartner Principal Research Analyst Sid Deshpande.
“The shift to detection and response approaches spans people, process, and technology elements and will drive a majority of security market growth over the next five years,” Deshpande said in a news release. “While this does not mean that prevention is unimportant or that chief information security officers (CISOs) are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability.”
This shift is playing out in a number of ways, including growth in the use of vendors and outside security consultants due to the scarcity of such skills inside organizations. Additionally, new product segments, such as specialized managed detection and response services, are on the rise, which can cause manageability issues for companies.
Ultimately, the new focus on detection is leading to new ways to measure success.
“CISOs are keen to communicate the return on investment of their security strategy in terms of the business value associated with quick damage limitation, in addition to threat prevention and blocking,” Gartner Research Director Lawrence Pingree noted in the release.
Pingree added that CISOs are looking to raise visibility of security issues within their organizations to encourage more strategic discussions with their fellow executives.