IT Security and Risk Management Spending in Australia to Exceed A$4.9 Billion

Gartner Forecasts 8% Growth in 2021


Organizations in Australia could spend over A$4.9 billion on enterprise information security and risk management in 2021, according to the latest forecast from Gartner, Inc. The spending is forecast to increase by 8% from the previous year.

Recent high-profile cyberattacks such as the SolarWinds hack, impending legislative changes in the form of the Security Legislation Amendment (Critical Infrastructure) Bill 2020, and regulatory obligations are keeping security and risk top of mind for Australian organizations, according to Richard Addiscott, senior research director at Gartner.

Our conversations in Australia revolve around Essential Eight and other regulatory frameworks.

Gartner Research Director, Richard Addiscott

“Many of the conversations we’re having with government and private sector clients in Australia revolve around the Essential Eight, varying State Government cybersecurity frameworks, and regulatory instruments such as APRA’s Prudential Standard CPS 234. Organizations are being directed to implement these strategies to mitigate cybersecurity incidents,” said Mr. Addiscott.

“However, the road to full implementation is not an easy path, and nor should it be seen as a cybersecurity panacea. Rather than adopting a compliance-centric posture, organizations need to adopt a risk-based approach to security, protecting the organization from the most critical threats while focusing on business outcomes.”

CISO Effectiveness

In the Gartner 2021 CIO Agenda Survey, cybersecurity was the no. 2 priority for new spending, with 67% of Australia and New Zealand respondents increasing investment in cyber/information security, second only to business intelligence and data analytics (73%).

As risk management gains significance, leading to an increase in spending (including in Australia), Gartner forecasts that 40% of boards will have a dedicated cybersecurity committee by 2025.

Gartner’s Board of Directors Survey rated cybersecurity risk as the second-highest source of risk for the enterprise, following regulatory compliance risk.

By 2025, 40% of boards of directors will have a dedicated cybersecurity committee overseen by a qualified board member, up from less than 10% today, according to Gartner.

Leading analyst IDC forecasts growth in managed security services spending in Australia, reflecting the increasing focus on security and risk management. Increased investments are foreseen in threat detection and response services, and data security and privacy solutions.