Sam Olyaei, senior research analyst, Gartner
ME information security spending to reach $1.8bn
UAE, October 16, 2017
The Middle East and North Africa's (Mena) spending on information security technology and services is on pace to reach $1.8 billion in 2017, an increase of 11 per cent over 2016, according to Gartner, Inc.
Gartner, Inc. is an American research and advisory firm providing information technology related insight for IT and other business leaders located across the world.
Sam Olyaei, senior research analyst at Gartner, provided the latest outlook for the information security industry today (October 16) at the Gartner Security and Risk Management Summit, in Dubai, UAE, which will conclude tomorrow (October 17).
Security services will continue to be the fastest growing segment in line with global trends, especially IT outsourcing, consulting and implementation services. The growth for security services will be driven by ongoing skills shortages in the information security domain as well as increased awareness of threats, said the company.
In a region where the oil and gas industry is critical to many local economies converging of operational technology (OT), Internet of Things (IoT), and IT is pushing many organizations to start considering how to handle the potential new security vulnerabilities created.
This will result in additional interest to invest in security products and services to mitigate these new risks that traditional information security practices are not accustomed to.
Rising awareness among chief executive officers (CEOs) and boards of directors about the business impact of security incidents, and an evolving regulatory landscape, have led to continued spending on security products and services not to mention increased accountability at the board level when it comes to security implications making metrics and executive communication a hot topic for leaders today.
Olyaei said: “However, improving security is not just about spending on new technologies. As seen in the recent spate of global security incidents, doing the basics right has never been more important.”
“Organisations can improve their security posture significantly just by addressing basic security and risk related hygiene processes like patch management, regular and scalable vulnerability scanning, centralised log management, internal network segmentation, backups and system hardening,” he said.
“Do not buy a tool just because a tool exists, invest in people and process to maintain and operate these tools,” he added.
Olyaei continued: “The region is also fixated on check box compliance – a hallmark of immaturity when it comes to security. In essence there is a false sense of security in the GCC.”
“Digital business is transforming the region and it is all about managing risk; managing risk is about understanding the major perils a business will face, and prioritising controls and investments in security to achieve business outcomes,” he added.
Other security trends that Gartner is following include:
• GDPR-related consulting and implementation services are expected to drive at least 10 per cent of the overall security spend on security services through 2019.
• By 2020, security skill management programs that include experimental recruitment and talent retention practices will rise to 20 per cent, up from less than 1 per cent today.
• By 2020, 40 per cent of all managed security service (MSS) contracts will be bundled with other security services and broader IT outsourcing (ITO) projects, up from 20 per cent today.
• Through 2020, public cloud IaaS workloads will suffer at least 60 per cent fewer security incidents than those in traditional data centres. – TradeArabia News Service