With the connected world of the Internet of Things (IoT) on the rise, and expected to be an increasing focus for malware attacks in enterprises, Gartner believes worldwide spending on IoT security will reach $348 million in 2016, up 24% over 2015 spending, according to an April 25 report.
Over the next few years, IoT security spending will initially be "moderate," according to Gartner, and will rise to $547.2 million in 2018. Then it will gain real momentum after 2020, "as improved skills, organizational change and more scalable service options improve execution."
By 2020, the market is expected to reach $840.5 million, according to the Gartner. (Users will have to sign in to access the full report.)
Growth will also be linked to IoT adoption in consumer and industry sectors.
"Gartner forecasts that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from 2015, and will reach 11.4 billion by 2018," Ruggero Contu, research director at Gartner, wrote in Monday's report. "However, considerable variation exists among different industry sectors as a result of different levels of prioritization and security awareness."
IoT devices used across vertical industries will be the largest area of growth, followed by energy management, automotive applications, and the consumer-driven IoT category. From 2013 through 2020, Gartner expects IoT endpoints to experience an annual growth rate of 32%, and for endpoint spending to be dominated by connected cars and machinery, such as commercial aircraft, as well as farming and construction equipment.
A Shift in Where to Focus
By 2020, Gartner predicts that more than 25% of identified attacks in enterprises will involve IoT, even though IoT will account for less than 10% of IT security budgets. Faced with IT budget constraints, vendors will be challenged to provide usable solutions, according to Gartner, and focus too much on spotting vulnerabilities and exploits, rather than on long-term means of protection.
Securing IoT will "focus more and more on the management, analytics and provisioning of devices and their data," Contu wrote. "IoT business scenarios will require a delivery mechanism that can also grow and keep pace with requirements in monitoring, detection, access control and other security needs."
By 2020, Gartner expects half of all IoT implementations to use a form of cloud-based security service to meet the acceptable levels of risk dictated by regulations or reliability standards.
Not only is the future of cloud-based security services linked to the future of IoT, added Contu, but the potential scale and strength of IoT won't be realized without it.
An April 19 report from CounterTack and the Ponemon Institute likewise emphasized an increase in malware attacks on mobile endpoints in enterprises, and a growing trend to focus on securing the data instead of devices.
Among the 694 security practitioners surveyed, 80% reported that they believed their mobile endpoints (laptops, desktops, printers, POS machines, ATMs, and other devices) had been targets of malware, and 81% reported that the biggest threat to their endpoint security was "negligent or careless employees" who don't follow security policies.