Australian organizations will spend more than AU$7.3 billion on information security and risk management products and services in 2024, an increase of 11.5% from 2023, according to the latest forecast from Gartner, Inc. Spending on cloud security will see the largest growth with an increase of 26.9% expected in 2024.
“Recent highly publicized cyberattacks in Australia, coupled with increasing regulatory obligations, are keeping security and risk top of mind for Australian organizations this year, not to mention securing what often feels like a tidal wave of new generative AI (GenAI)-enabled technologies,” said Richard Addiscott, Senior Director Analyst at Gartner.
“As the frequency and negative impact of cybersecurity incidents continues to rise, every organization is worried about a potential fallout, and industry regulators are increasingly pushing for improved competence.”
In Gartner’s annual global survey of over 2,400 CIOs and technology executives, including 87 from Australia and New Zealand (ANZ), 87% of ANZ respondents revealed that cybersecurity will receive their largest increase in technology investment in 2024, up from 62% in 2023.
Security Services Remains Largest Spending Segment
Security services, including consulting, hardware support implementation and outsourcing services, remains the largest end user spending category in Australia, forecast to reach almost AU$4.3 billion in 2024. This is an increase of 9.6% from 2023, reflecting the increasingly important role security service providers play in helping organizations in Australia navigate emerging cybersecurity challenges (see Table 1).
Table 1. Enterprise Security & Risk Management End User Spending by Segment, Australia, 2023-2024 (Millions of Australian Dollars)
| Segment
|
2023
Spending |
2023
Growth (%) |
2024
Spending |
2024
Growth (%) |
| Application Security | 105 | 12.8% | 119 | 13.3% |
| Cloud Security | 196 | 24.7% | 248 | 26.9% |
| Data Privacy | 40 | 16.6% | 48 | 20.5% |
| Data Security | 65 | 12.0% | 72 | 11.6% |
| Identity Access Management | 539 | 15.3% | 614 | 14.0% |
| Infrastructure Protection | 884 | 13.2% | 992 | 12.2% |
| Integrated Risk Management | 274 | 9.3% | 297 | 8.6% |
| Network Security Equipment | 404 | 8.3% | 452 | 12.0% |
| Other Security Software | 169 | 35.7% | 213 | 26.2% |
| Security Services | 3,892 | 11.0% | 4,268 | 9.6% |
| Total | 6,567 | 12.4% | 7,324 | 11.5% |
Source: Gartner (March 2024)
Increasing Investment in Generative AI
According to Gartner, security and risk leaders in Australia need to prepare for the swift and continual evolution of GenAI, as large language model (LLM) applications like ChatGPT and Gemini are only the start of its disruption. GenAI introduces new attack surfaces that need protecting and require changes to application and data security practices and user monitoring.
By 2025, Gartner predicts GenAI will cause a spike in the cybersecurity resources required to secure it, causing more than a 15% incremental spend on application and data security.
“The use of GenAI models unlocks many benefits, but users must also contend with new unique risks, requiring new security practices focused on data protection, AI application security and content anomaly detection,” said Addiscott. “These new attack surfaces will drive security departments to spend time and money implementing GenAI security and risk management controls.”
According to Gartner, spending on GenAI will primarily be incorporated into enterprises through existing IT spending in the long-term, through software, hardware and services they are already using.
“It’s reasonable to suggest we’ll see similar patterns when it comes to security spending as the security capabilities continue to evolve,” added Addiscott.
