IoT security spend to rise by 28% to $1.5bn, according to Gartner

IoT security spend to rise by 28% to $1.5bn, according to Gartner

Worldwide spend on security for the Internet of Things is set to top $1.5 billion by the end of 2018, with this figure predicted to double by 2021 according to Gartner.

A recent survey from CEB, now Gartner, found that nearly 20% of organisations observed at least one IoT-based attack over the last three years, highlighting a need for increased security in the sector.

Total spend on IoT security was $1.174 billion in 2017, according to figures from the analysts, but this is predicted to rise by 28% in 2018 and continue that upward trend.

"In IoT initiatives, organizations often don't have control over the source and nature of the software and hardware being utilized by smart connected devices," said Ruggero Contu, research director at Gartner. 

"We expect to see demand for tools and services aimed at improving discovery and asset management, software and hardware security assessment, and penetration testing. In addition, organizations will look to increase their understanding of the implications of externalizing network connectivity. These factors will be the main drivers of spending growth for the forecast period with spending on IoT security expected to reach $3.1 billion in 2021.”

Despite the steady year-over-year growth in worldwide spending, the report - titled “"Forecast: IoT Security, Worldwide, 2018” - predicts that through 2020, the biggest inhibitor to growth for IoT security will come from a lack of prioritisation and implementation of security best practices and tools in IoT initiative planning. This, it adds, could reduce spend by as much as 80%.

Regulatory compliance is expected to become a key influence on the uptake of IoT security, Gartner adds. Guidelines aimed at improving critical infrastructure will compel organisations to focus on security as the IoT market booms.

"Although IoT security is consistently referred to as a primary concern, most IoT security implementations have been planned, deployed and operated at the business-unit level, in cooperation with some IT departments to ensure the IT portions affected by the devices are sufficiently addressed," adds Contu. 

"However, coordination via common architecture or a consistent security strategy is all but absent, and vendor product and service selection remains largely ad hoc, based upon the device provider's alliances with partners or the core system that the devices are enhancing or replacing."

Gift this article