This means cybersecurity spending will rise faster than total IT budgets over the next five years. The European Union’s GDPR (General Data Protection Registrar) has set the agenda for legislation over data privacy and protection worldwide and that is generating a spike in spending on security measures that ensure compliance. This will continue to ripple around the world between 2019 and 2021.
Later in our forecast period an arms race will develop around AI and machine learning as major cybercriminal gangs and rogue nation states adopt these to launch increasingly sophisticated cyberattacks, pushing spending on countermeasures.
These predictions are made in Riot’s new report “Privacy and state espionage tightens focus on security - Cybersecurity spending forecast to 2024” released today. This is a global forecast by geography and industry vertical, which also highlights differences in cybersecurity strategy and spending between major regions and sub-sectors.
North America is expected to continue to spend the most on security (27%), but both Europe (22%) and China (20%) which are rapidly accelerating their spend, with the rest of Asia following closely behind on 16%. North America is expected to lead on almost every market with the exceptions of Industrial and Automotive, where China leads, but only by a tiny margin.
Because the US has been driving the eHealth revolution, it has invested sooner than other countries in associated security and that shows up clearly in the 2018 regional breakdown. That gap will remain over the forecast period but narrow as other regions catch up over eHealth.
By contrast in automotive China is emerging as a big spender on cybersecurity, driven by huge investment coupled by a strategy of focusing on safety in autonomous driving, contrasting with the country’s cavalier approach to consumer privacy. Automotive also stands out for having by far the fastest growth in spending on cybersecurity among the vertical sectors covered in the report.
The Riot report describes how cybersecurity threats will evolve over the next five years as monitoring and surveillance based on machine learning algorithms and other AI techniques become widely deployed. But this will have the affect of increasing rather than reducing demand for skilled cybersecurity personnel, because the developing arms race will require experts in what will effectively be a new form of war game.
Cybercriminals will not only attempt to cover their tracks to evade detection by surveillance systems, but will also attack these defenses directly, as is already happening to forensic watermarking systems in TV services.