According to Allied Market Research, the volume of the global information security market in 2021 reached $216.11 billion, and if the average annual growth rate (CAGR) remains at 9.5%, the market will reach $478.68 billion by 2030. In 2021, the global cybersecurity market was dominated by solutions from vendors in North America. It is predicted that they will maintain their positions until 2026 thanks to major providers of cybersecurity solutions, such as Microsoft (USA), IBM (USA), Palo Alto Networks (USA), Cisco (USA), etc.
However, experts note that the average annual growth rates of markets in the Asia-Pacific region and the Middle East are slightly higher than those of more mature markets in North America and Europe.
Fortune Business Insights gives a more restrained assessment of the global cybersecurity market: the volume of the global information security market reached $139.77 billion by the end of 2021, and by 2029 it will grow to $376.32 billion while maintaining a CAGR of 13.4%.
According to the calculations of the consulting company Gartner, spending on cybersecurity in the world in 2021 increased by 13% and amounted to $172 billion, while in 2020 the growth rate of spending on information security was estimated at 8%. Gartner predicts an increase in investment in cybersecurity by 11% in both 2022 and 2023. at the same time , companies will invest $77 billion in information security outsourcing in 2022 .
The growth rate of the global cybersecurity market is more than twice faster than the growth rate of the entire global IT market. For example, according to the latest Gartner forecast, global IT spending in 2022 will amount to $4.5 trillion, which is 5.5% more than in the previous year.
A similar estimate is given by Statista: IT spending will grow by 5.1% this year and reach $4.55 trillion by the end of 2022.
Among the largest players in the global information security market (both developers of security tools and those providing information security services), companies such as Microsoft (USA), IBM (USA), Palo Alto Networks (USA), Cisco (USA), Huawei (PRC), Fortinet (USA), PwC can be distinguished (UK), Deloitte (UK), Accenture (Ireland), etc.
The above expert assessments do not take into account the significant aggravation of the geopolitical situation in the world that has been developing over the past months. In the new realities, both governments and economic entities are faced with the need to invest in information security. The current geopolitical crisis is taking place at the stage of the pandemic recession, when a significant part of the work processes of organizations has moved online, so the risks of failures in communication networks and the growing threats of cyber attacks require increased attention from CEOs and CIOs. The problem of information security threats is particularly acute for organizations in the fields of defense and management of critical infrastructure (production and distribution of electricity, water supply and sanitation, healthcare, food and agriculture). All this can contribute to a global increase in investment in cybersecurity. And, no less important, the broad diversification and expansion of regional solution providers.
In February 2022, the stock prices of companies engaged in the development of software for information security rose against the background of heightened tensions in relations between Russia and Ukraine. Among the growth leaders were Fortinet (USA), Zscaler (USA), Palo Alto Networks (USA) and CrowdStrike Holdings (USA). At the same time, the growth of stock quotations of information security suppliers on American exchanges occurred against the background of falling quotations of other technology companies.
Gartner identifies the following factors of threats to information security in the context of the current geopolitical crisis: increasing risks of using cyber-physical systems (CPS) in critical infrastructure as targets of cyber attacks, increased activity of malware distribution campaigns leading to data deletion; powerful DDoS attacks on media companies, banks and government websites. DDoS attacks can be used to create chaos or as a "smoke screen" to hide lower-level attacks; regular targeted phishing attacks. At the same time, attackers will increasingly try to "act" on behalf of state institutions and humanitarian services; disinformation campaigns by sending SMS messages in order to cause panic among the population; dependence of the stable functioning of the Internet and its national segments on cloud IT service providers; automated exploits, especially with regard to equipment connected to public networks use.