Worldwide information security spending is expected to reach $86.4 billion this year, an increase of 7 percent year over year, according to technology research firm Gartner. In addition, worldwide information security spending will total $93 billion by 2018, Gartner said.
Security services will continue to be the fastest-growing information security segment over the next few years, Gartner stated. Meanwhile, the growth of the hardware support services sector is expected to decline due to the increasing adoption of virtual appliances, public cloud and software-as-a-service (SaaS) versions of security solutions.
Managed Security Services Bundles: Still Growing
Many managed security service (MSS) contracts will be bundled with other security services and IT outsourcing (ITO) projects in the foreseeable future, Gartner indicated.
Forty percent of all MSS contracts will be bundled by 2020, up from 20 percent today, Gartner said in a prepared statement. Gartner attributed the potential increase in MSS contract bundles to the rapidly evolving services provided by MSSPs, ITO providers and other security consultants.
"As ITO providers and security consulting firms improve the maturity of the MSS they offer, customers will have a much broader range of bundling and service packaging options through which to consume MSS offerings," Gartner noted.
Also, the EU General Data Protection Regulation (GDPR) will drive 65 percent of data loss prevention (DLP) buying decisions through 2018, Gartner indicated.
Global organizations are strengthening their GDPR knowledge and determining which capabilities they need to comply with the mandate, Gartner said. As such, organizations that do not already have strong DLP in place are looking to increase their capabilities to meet GDPR requirements.
How Can MSSPs Prep for GDPR?
GDPR takes effect May 25, 2018, and organizations will face heavy fines if they fail to comply with the regulation.
- Evaluate the legal basis on which you use personal data. For organizations that must obtain consent to use personal data, it is important to review documents and forms of consent and ensure that consent is freely given.
- Plan for security breaches. Develop clear policies and procedures to guarantee employees can react quickly to a data breach and comply with breach notification requirements.
- Create an accountability framework. Establish a framework for monitoring, reviewing and assessing data processing procedures.
- Pay close attention to cross-border transfers. Ensure there is a legitimate reason for transferring personal data to jurisdictions that the EU does not recognize as having sufficient data protection regulations.
- Know your data processing obligations. Study the GDPR's data processing requirements and build these mandates into all data processing policies, procedures and contracts.
Ultimately, organizations that take immediate action to meet GDPR requirements can safeguard sensitive information, act quickly if a data breach occurs and avoid costly penalties due to non-compliance, Nuix stated.