Gartner Predicts Solid Growth for Information Security, Reaching $287 Billion by 2027

AI continues to become more weaponized, with nation-state attackers and cybercrime gangs experimenting with LLMs and gen AI-based attack tradecraft. The age of weaponized LLMs is here.

At the same time, multi-cloud-based infrastructures more businesses rely on are under attack. Exfiltrating any identity data available from endpoints and then traversing a network to gain more access by collecting more credential data is often the goal.

Cyberattacks that combine AI and social engineering are just beginning

Attackers have a version of human-in-the middle, too, only their goal is unleashing AI’s offensive attack capabilities within social engineering campaigns. Last year’s social engineering-based attacks on MGM, Comcast, Shield Healthcare Group, and others serve as a case in point.

CrowdStrike’s 2024 Global Threat Report finds that cloud intrusions jumped 75% last year. There was a 76% increase in data theft victims named on data leak sites and a 60% increase in interactive intrusion campaigns. Worse, 75% of attacks were malware-free, making them difficult to identify and stop. There was also a 110% YoY increase in cloud-conscious cases.

PwC’s 2024 Digital Trust Insights Report finds that 97% of senior management teams have gaps in their cloud risk management plans. 47% say cloud attacks are their most urgent threat. One in three senior management teams is prioritizing cloud security as their top investment this year.

Gartner sees a more complex threatscape driving growth

Gartner’s Forecast: Information Security and Risk Management, Worldwide, 2021-2027, 4Q23 Update report predicts the information security and risk management market will grow from $185 billion in 2023 to $287 billion in 2027, attaining a compound annual growth rate of 11% in constant currency.

Nation-state attackers are picking up the pace of their stealth AI arms race. They’re looking to score offensive first victories on an increasingly active digital battlefield. Gartner predicts that in 2027, 17% of the total cyberattack/data leaks will involve generative AI.

Another key assumption driving Gartner’s latest forecast is that by 2025, user efficiency improvements will drive at least 35% of security vendors to offer large language model (LLM)-driven chat capabilities for users to interact with their applications and data, up from 1% in 2022.

Gartner has also factored in the surge in cloud attacks and the continued growth of hybrid workforces. One of their key assumptions driving the forecast is that “by the end of 2026, the democratization of technology, digitization, and automation of work will increase the total available market of fully remote and hybrid workers to 64% of all employees, up from 52% in 2021.”

Key takeaways

Market subsegments predicted to see the most significant growth through 2027 include the following:

  • Gartner has high expectations for Zero Trust Network Access (ZTNA) growth. It states that the worldwide market was worth $575.7 million in 2021 and predicts it will soar to $3.99 billion in 2027, attaining a 31.6% CAGR in the forecast period.
  • Identity Access Management (IAM) is predicted to grow from $4 billion in 2021 to $11.1 billion in 2027, attaining a 17.6% CAGR. Identity Governance and Administration software is predicted to grow from $2.8 billion in 2021 to $5.77 billion in 2027, attaining a 12.8% CAGR.
  • Endpoint Protection Platforms (EPP) are predicted to grow from $9.8 billion in 2021 to $26.9 billion in 2027, achieving a 17.2% CAGR.
  • Threat Intelligence software is predicted to grow from $1.1 billion in 2021 to $2.79 billion in 2027, growing at a 15.6% CAGR through the forecast period.
  • Cloud Access Security Brokers (CASB) is predicted to grow from $928M in 2021 to $4.75 billion in 2027, attaining a CAGR of 30.2%. Gartner believes that the market share of cloud-native solutions will continue to grow. They are predicting that the combined market for cloud access security brokers (CASBs) and cloud workload protection platforms (CWPPs) will reach $12.8 billion in constant currency by 2027, up from $4.6 billion in 2022. Gartner continues to also see strong demand for cloud-based detection and response solutions that include endpoint detection and response (EDR) and managed detection and response (MDR).

By Louis Columbus