Global cybersecurity spending is set to rise 12% in 2025 – here are the industries ramping up investment

Global cybersecurity spending is expected to surge this year, fueled by escalating state-sponsored threats and the rise of generative AI, according to new analysis from IDC.

Statistics from the consultancy’s Worldwide Security Spending Guide show spending is expected to grow by 12.2% across the year and to hit $377 billion by 2028.

The bulk of this spending - 70% - will be in the US and Europe, the study found. But there's set to be an increase in every geographical region, in particular Latin America, Central and Eastern Europe, and the Middle East and Africa.

Eman Elshewy, senior research manager with IDC Data and Analytics, said rapid digital transformation efforts and enthusiasm for emerging technology adoption have significantly pushed demand for security solutions - and this is expected to accelerate further.

"MEA is witnessing substantial investments from both government and enterprises to fight rising cyber threats, with strong awareness for the importance of cybersecurity education and training programs to fortify organizations against possible attacks."

The industries spending big on cybersecurity

Banking, federal and central government, telecommunications, capital markets, and healthcare providers will be the biggest spenders this year.

Meanwhile, the fastest-growing sectors will be capital markets, media and entertainment and life sciences with an expected year-on-year growth rate of 19.4%, 17.1% and 16.9% respectively.

"The protection from cyber threats — now enhanced by AI and GenAI — is becoming an increasingly strategic issue for organizations in all industries," said Stefano.

He cited in particular organizations managing critical infrastructure - for example, oil and gas or telecommunications - along with those developing critical assets such as aerospace, defense and life sciences, or those providing key services to clients and citizens such as banking or government.

“Although national and international regulations still play an important role in guiding organizations' security strategies — especially in regulated industries — more of them are realizing that having a proactive approach to security is crucial, not only as a short-term operational protection measure but also as a competitive advantage in the long term," he said.

While large and very large businesses account for most security spending across all regions, IDC small and medium-sized businesses will also continue to increase their investments in security throughout the forecast period.

More than half the cash will go on security software, with a 14.4% year-on-year growth rate. There's particular growth for cloud native application protection platform (CNAPP) solutions, for example.

Similarly, smaller enterprises are ramping up investment in identity and access management (IAM) software and security analytics software.

Security services will be the second fastest growing technology group in 2025, driven by the continuing expansion of managed security services, followed by security hardware, which IDC said will achieve single-digit but steady growth in 2025.

MORE FROM ITPRO

• Cyber attacks against UK firms dropped by 10% last year, but experts say don't get complacent
• How to reduce cybersecurity costs for your business
• IT services spending set to surge in 2025 as CIOs shift to AI partner solutions