The global information security market continues to expand, thanks to technologies such as generative AI and the cloud.
- Gartner client? Log in for personalized search results.
Information Security Spending: What Does the Future Hold?
By Shailendra Upadhyay | November 27, 2024
Information security forecast: What to expect through 2028
End-user spending on information security will reach $183 billion worldwide in 2024, with a compound annual growth rate (CAGR) of 11.7% from 2023 to 2028. This growth is a result of businesses prioritizing security amid rising threats and the adoption of AI in cybersecurity and cloud technologies. Application security, data security, privacy and infrastructure protection will remain key areas of investment in the years to come.
Information security market will continue to grow across segments and regions
Between 2024 and 2028, the worldwide information system security market will rise from $183 billion to $292 billion in current currency. China, Japan and the emerging Asia/Pacific region will be particularly strong areas of growth.
Information security growth from 2023 – 2024
At the end of 2023, the global information security market totaled $162 billion. By the end of 2024, it will climb to $182 billion, representing a CAGR of 12.5%. This growth is largely a result of executives prioritizing IT security because of:
Elevated threat environments from increasingly frequent, sophisticated and evolving cyber attacks
Cloud migrations that compel organizations to secure sensitive data and applications in a new IT environment
A talent crunch due to the ongoing shortage of skilled cybersecurity professionals
Information security market growth by subsegment
From 2024 to 2028, we forecast significant growth in various subsegments of the information security market, as detailed below:
The enterprise security services market will have a CAGR of 12.3%, growing from $73.9 billion to $116.8 billion.
The enterprise security software market will increase from $78.8 billion to $132.4 billion for a CAGR of 14.1%.
The enterprise network security market will grow from $21.8 billion in 2024 to $33.1 billion in 2028, with a CAGR of 10.6%.
The consumer security software market will have the smallest CAGR — 4.0% — rising from $8.2 billion to $9.7 billion.
Information security market growth by geographical region
Over the next four years, growth in the worldwide infosec market will also vary significantly by region:
Japan is expected to have the highest CAGR (16.9%) by 2028, more than doubling from $8.3 billion in 2024 to $17.7 billion in 2028.
China will also be a growth driver with a CAGR of 15.5%, going from $8.4 billion in 2024 to $15.2 billion in 2028.
More mature information system security markets such as North America and Europe will exhibit more modest growth rates (11.9% and 12.3% respectively).
Infosec market growth drivers and inhibitors
In the short-term, the adoption of AI, particularly generative AI, and cloud technologies are significant growth drivers for the information security market. Cyber risks posed by AI will require organizations to invest in application security, data security and privacy, and infrastructure protection, while the cloud will drive growth of the security software and enterprise networking security markets.
On the other hand, the consolidation of vendors, technologies and markets, as well as the broader macroeconomic outlook, will contribute to more subdued growth rates over the next four years.
Are you a CIO or IT leader at a midsize enterprise?
See how your peers are navigating AI adoption, vendor decisions and evolving business demands — with tools tailored to your role:
Explore our resources for midsize enterprises
Check out a curated list of Gartner’s most popular research being utilized by your peers
Information security FAQs
How do currency fluctuations affect the information security market forecasts?
When applying a constant-currency adjustment in U.S. dollars to offset the impact of currency fluctuations, CAGR forecasts move slightly downward:
Enterprise security services market: 12.3% (unadjusted) to 11.4% (adjusted)
Enterprise security software market: 14.1% (unadjusted) to 13.4% (adjusted)
Enterprise network security market: 10.6% (unadjusted) to 9.9% (adjusted)
Consumer security software market: 4.0% (unadjusted) to 3.3% (adjusted)
Japan: 16.9% (unadjusted) to 12.0% (adjusted)
China: 15.5% (unadjusted) to 13.6% (adjusted)
North America: 11.9% (unadjusted) to 11.8% (adjusted)
Europe: 12.3% (unadjusted) to 10.7% (adjusted)
What is the difference between information security and information system security?
Information security is a broad field with the goal of protecting all forms of information, whether digital or physical. It includes areas such as physical security, access controls and regulatory compliance that are not part of information system security. Information system security is a subfield of information security that is specifically concerned with protecting information systems: hardware, software and networks that store and exchange information. It involves technical solutions such as firewalls, encryption and intrusion detection systems.
Gartner Product Leadership Conference
Join the leading technology and service provider peers to get an update on accelerating tech growth in a new era of transformation and technology trends.
Drive stronger performance on your mission-critical priorities.