Middle East and North Africa (MENA) enterprise information security and risk management spending will total $1.7 billion in 2020, an increase of 10.7% from 2019, according to a recent forecast by Gartner.
“The double-digit growth is a reflection of how organizations in MENA region are coming up to speed with their global counterparts in adopting information security and risk management solutions,” said Sam Olyaei, research director at Gartner.
“More importantly, an evolving threat landscape and the advent of digital transformation is forcing local security and risk leaders to revaluate their spending priorities.”
Security services and network security continue to be the top two security and risk management spending priorities for CISOs in MENA. Both segments will account for 66% of total security and risk management spending in 2020.
Managed Security Services includes services that involve security processes such as monitoring, detection, and response.
“We continue to see a pervasive shortage of talent in the region, especially as it relates to tactical functions, and this has pushed leaders to leverage managed security service providers (MSSPs) and other consultants to manage their operational capabilities,” said Mr. Olyaei.
Despite smaller levels of spending, cloud security and data security will continue to remain the fastest growing segments for enterprise security and risk management spending. A shift to a cloud-first strategy remains a priority in MENA, especially as major cloud service providers set up shop in the region.
Additionally, The Data Protection Law (DPL) implemented in Bahrain in April 2019 and the possibility of United Arab Emirates (UAE) to deploy strict data privacy rules by the end of 2020 have compelled MENA organizations to rethink their data security framework to continue doing business in the region.
As a result, Gartner predicts that by 2020, investment in data security will total $72 million, an increase of 26% year over year.
The growing spending in security and risk management also showed that it has become a boardroom priority locally. CISOs in MENA are seeking to improve their communication with the board of directors who have more visibility on security, threats and vulnerabilities than ever.
“Simply put, executives are beginning to realize the true business impact of cybersecurity,” said Mr. Olyaei. “It is no longer a matter of if, but when and executives are demanding that their leaders continue to facilitate business outcomes”