Middle East and North Africa (MENA) spending on information security technology and services is on pace to reach US$1.1 billion in 2015, an increase of 3.3 percent over 2014, according to Gartner, Inc. US dollar appreciation caused lowered year on year growth, but overall security spending is on the rise in the region – in constant currency terms, the security market in MENA is projected to grow 15 percent in 2015.
Greg Young, research vice president at Gartner, provided the latest outlook for the information security industry today at the Gartner Security and Risk Management Summit, which is taking place here through November 3.
“Enterprises in MENA are now realizing that merely adopting preventive strategies is not enough, and they are beginning to focus on detection and response approaches to improve the security posture of their organization, “ said Mr. Young. “Large organizations in the Middle East and North Africa are investing in building out security operations capabilities either in house or by leveraging external services offered by managed security services providers (MSSPs).”
Gartner recommends that organizations spend more on detection but not at the expense of blocking known threats. This requires enterprises to relook at their people, process and technology strategies around security.
“Mature technology areas, including endpoint protection platforms and most anti-virus based platforms, where the penetration rate is fairly high, are beginning to see significant commoditization. Organizations’ interest in security is being driven by elements of digital business, such as cloud, mobile computing and, increasingly, the Internet of Things (IoT), as well as by the sophisticated and high-impact nature of advanced targeted attacks. However these commoditized security items are crucial as the first line of defence: don’t drop your guard by only new shiny security gadgets” said Mr. Young.
Other trends in the information security market that form assumptions behind Gartner’s latest forecast include:
In 2017, more than half of the network attacks targeting enterprises will use encrypted traffic to bypass controls, up from less than 5 percent today
Through 2018, more than 40 percent of state-sponsored attacks will have the source nation misidentified by the target.
99.9 percent of attacks will be based on product vulnerabilities that were known of for at least a year.
Gartner’s latest forecast for information security is available in the report ‘Forecast: Information Security, Worldwide, 2013-2019, 2Q15 Update.