2022 cybersecurity forecasts predict growth, emphasizing resilience

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 — 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

  • Gartner predicts end-user spending for the information security and risk management market will grow from $172.5 billion in 2022 to $267.3 billion in 2026, attaining a compound annual growth rate (CAGR) of 11%.
  • Cybersecurity Ventures expects global cybercrime costs to grow by 15% per year over the next five years, reaching $10.5 trillion annually by 2025, up from $3 trillion in 2015.

Why cybersecurity spending Is resilient 

Cybersecurity tech stacks must close the gaps that leave human and machine endpoints, cloud infrastructure, hybrid cloud and software supply chains vulnerable to breaches. The projected fastest-growing areas of cybersecurity reflect how urgent the issue of streamlining cybersecurity tech stacks is. Seventy-five percent of executives report too much complexity in their organizations, leading to concerning cybersecurity and privacy risks.

Secure access service edge (SASE) and extended detection and response (XDR) are integration-based approaches to closing the gaps in cybersecurity tech stacks. They’re proving effective in minimizing risks while providing CISOs, CIOs and their teams the visibility and control they need across all systems, endpoints and threat surfaces. 

Every organization should anticipate that the attack surfaces they’re protecting will grow faster than forecasted, and that more human and machine identities will see attempts to compromise them than security and IT teams expect. In addition, more privileged access credentials will be stolen than a given business expects. These combined effects make cybersecurity spending one of the most resilient enterprise software. The following is a curated list of the most recent cybersecurity forecasts and market estimates: 

  • 69% of organizations predict a rise in cyber spending in 2022 compared to 55% last year. More than a quarter (26%) predict cyber spending hikes of 10% or more; only 8% said that in 2021. PwC says their survey of senior management shows that organizations expect risks to continue increasing. In addition, more than 50% expect a surge in reportable incidents next year above 2021 levels, according to PwC’s 2022 Global Digital Trust Insights Survey. 
Sixty-nine percent of organizations plan to increase cybersecurity spending this year, driven by the business case of securing increasingly complex digital infrastructures their businesses rely on.
  • Global cybersecurity insurance spending is projected to grow from $12.47 billion in 2022 to $37.14 billion by 2030, reaching a 21.8% CAGR. Digital-first business models and full-scale digital transformation projects combined with the exponential increase in ransomware attacks drive enterprises to spend more on cybersecurity insurance. Insurance carriers are pushing back against ransom payments, citing cyberattackers deliberately target their largest clients for quick, lucrative payouts. Last year, global insurance provider AXA decided no longer to pay ransomware payments in France. McKinsey and Company’s recent article on cybersecurity trends reflects how much enterprises are willing to pay for cyber insurance, predicting a 21% CAGR between 2022 and 2025 in cyber insurance. McKinsey also provides $101.5 billion that will be spent with service providers by 2025, as the enterprise seeks outside expertise to streamline complex cybersecurity tech stacks. This is all according to McKinsey & Company’s report titled Cybersecurity trends: Looking over the horizon. 
McKinsey & and Company predicts organizations will rely more on service providers, and 85% of small and midsize businesses will invest more in cybersecurity given the exponential increase in ransomware attacks and social-engineered attacks.
McKinsey & and Company predicts organizations will rely more on service providers, and 85% of small and midsize businesses will invest more in cybersecurity, given the exponential increase in ransomware attacks and social-engineered attacks.
  • The global cybersecurity software, services, and systems market is predicted to grow from $240.27 billion in 2022 to $345.38 billion by 2026, attaining a 9.5% CAGR, according to Statista. The major factors fueling the cybersecurity market include the rising frequency and sophistication of target-based cyberattacks, increasing demand for the cybersecurity mesh, and growing demand for cyber-savvy boards. 
  • Worldwide secure access service edge (SASE) spending will reach $14.7 billion by 2025. Gartner predicts that global spending on SASE will grow at a 36% CAGR between 2020 and 2025, far outpacing global spending on information security and risk management. In 2022, global SASE spending will reach $6.8 billion, growing to $9.1 billion in 2023. Gartner says a key assumption of their forecasts is that enterprises will prefer paying for SASE using a subscription model over perpetual licenses. Leading SASE vendors include Cato Networks, Fortinet, Palo Alto Networks, Versa Networks, VMware, Zscaler and others. 
  • The worldwide security software market grew 22.5% in 2021, reaching $61.38 billion in revenue. The top five market segments by market share were: endpoint protection platform (enterprise), consumer security software, access management, security information and event management (SIEM), and identity governance and administration. Cloud workload protection platform spending grew 37.8% between 2020 and 2021, and spending on access management solutions jumped 33.5%. Cloud Access Security Brokers (CASB) spending grew the third fastest at 32.7%, followed by endpoint protection platforms, which grew 25.9%. Together, these five segments accounted for 46.1% of the total market size for security software. This is according to Gartner’s report: Market Share: Security Software, Worldwide, 2021.  
  • 77% of C-level executives plan to increase their zero trust spending over the next 12 months. The Cloud Security Alliance (CSA) recently published its latest report, CISO Perspective and Progress in Deploying Zero Trust. The study is based on interviews with security and risk management professionals and C-level executives who provided insights into current and future zero trust deployment plans. It found that 80% of C-level executives cite zero trust as a priority for their organizations, and 94% are implementing zero-trust strategies. Ericom’s Zero Trust Market Dynamics Survey found that 80% of organizations plan to implement zero-trust security in less than 12 months, and 83% agree that zero trust is strategically necessary for their ongoing business. CISOs must remove trust from tech stacks and define their unique strategy to adopt the framework. 
Cloud Security Alliance’s recent survey shows zero trust is gaining momentum across enterprises, with most senior management respondents saying their investment levels will increase.
Cloud Security Alliance’s recent survey shows zero trust is gaining momentum across enterprises, with most senior management respondents saying their investment levels will increase.
  • The global endpoint security market is predicted to reach $31.1 billion by 2026 from $17.4 billion in 2021, attaining a 12.3% CAGR. Frost &  Sullivan’s most recent endpoint security forecast reflects the growing need for resilient endpoint protection platforms that can withstand multiple attacks and capitalize on AI and machine learning to predict potential breach attempts. In addition, self-healing endpoints are a catalyst driving the growth of the endpoint security market. However, 55% of cybersecurity professionals estimate that more than 75% of endpoint attacks can’t be stopped with their current systems, based on a survey by Tanium. 
  • 84% of C-level executives agree that cyber resilience is considered a business priority for their organizations in 2022. The World Economic Forum’s (WEF) cybersecurity survey found that 81% of C-level executives believe digital transformation is the main motivator for improving cyber resilience. WEF’s findings reflect many other surveys that cite the accelerating pace of digitalization due to the COVID-19 pandemic, and the shift in our working habits is pushing cyber resilience to a higher priority today. In addition, 87% of executives plan to improve their organization’s cyber resilience by strengthening policies, processes, and standards for engaging and managing third parties. 
  • Zero-trust network access (ZTNA) spending is on pace to reach $823.1 million in 2022, reaching $1.973 billion by 2026, growing at a 19.1 CAGR. Gartner predicts that global demand for ZTNA-based systems, solutions, and platforms will grow faster than the global information security and risk management market, eclipsing the overall market growth rate by 8%. Of the five years included in the forecast, 2023 sees the most rapid growth, with ZTNA spending rising over $1 billion for the first time. Gartner is also seeing a 60% year-over-year growth rate in ZTNA adoption. Their 2022 Market Guide for Zero Trust Network Access is noteworthy in providing insights into all CISOs need to know about zero-trust security.
  • $5.9 billion was invested in cybersecurity startups in Q1, 2022. Crunchbase says funding in Q1 of this year was nearly a 50% increase from Q1, 2020. Cybersecurity venture funding is on pace to break the $20 billion invested in cybersecurity in 2021. A total of 189 funding deals were announced in Q1, 2022, down slightly from Q4, 2021, which recorded 232 funding events. Cybersecurity continues to show resilience as venture capitalists and private equity investors continue to finance startups. 
While cybersecurity startups successfully obtained funding rounds through Q1/22, Q2 and Q3/22 will reflect just how resilient the industry continues to prove itself to be.
While cybersecurity startups successfully obtained funding rounds through Q1/22, Q2 and Q3/22 will reflect just how resilient the industry continues to prove itself to be.

Spending will continue despite economic uncertainty  

Cybersecurity market estimates reflect continued spending despite global economic uncertainty. No business can afford to be down during challenging economic times. Therefore, the forecasts reflect a resilient outlook for the industry. Reducing risks, ensuring continued operations and managing identities and privileged access credentials are essential now.

Additional reading:

  • Cybercrime Magazine, 2022 Cybersecurity Almanac: 100 Facts, Figures, Predictions And Statistics, January 19, 2022
  • Cloud Security Alliance, CISO Perspectives and Progress in Deploying  Zero Trust. June 3, 2022 
  • Economist Intelligence Unit and Pillsbury, AI and Cybersecurity: Balancing Innovation, Execution and Risk, September 9, 2021. 
  • Forrester, The Forrester Wave™: Endpoint Detection And Response Providers, Q2 2022, April 6, 2022 (Reprint courtesy of CrowdStrike) 
  • Gartner, Forecast: Information Security and Risk Management, Worldwide, 2020-2026, 2Q22 Update, June 30, 2022. Client Access Required. 
  • Gartner, Forecast Analysis: Secure Access Service Edge, Worldwide, July 27, 2021. Client Access Required  
  • KuppingerCole, Endpoint Protection Detection and Response, May 12, 2022McKinsey and Company, Cybersecurity trends: Looking over the horizon, March 10, 2022 
  • McKinsey and Company, Giving developers a leading role in cybersecurity Podcast, June 14, 2022
  • PwC, 2022 Global Digital Trust Insights Survey, opt-in, 31 pp., pdf, free. 
  • World Economic Forum, Global Cybersecurity Outlook 2022. Published January 18, 2022.  

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.