Security, risk management spending in India to grow 13% in 2024: Report

In a rapidly evolving digital landscape, the security and risk management sector in India is poised for significant growth. According to a recent report from Gartner, Inc., end-user spending on security and risk management in India is projected to reach $3 billion in 2024, marking a substantial 13.6% increase from the previous year's figure of $2.7 billion. This surge in investment is primarily driven by the ever-expanding digital transformation, widespread cloud adoption, and the shift towards remote and hybrid work models. 

Indian organizations are facing heightened security exposure as they embrace digital transformation and migrate to cloud-based infrastructure. These trends have catalyzed the need for robust security measures. The growing complexity of cybersecurity threats necessitates a proactive approach, and this has been a significant catalyst for increased spending in the sector. 

Shailendra Upadhyay, Senior Principal Research Analyst at Gartner, comments on this trend, stating, “In 2024, Indian Chief Information Security Officers (CISOs) will prioritize their spending on security and risk management to comply with strict government measures for security breach reporting and digital data protection. Subsequently, local organizations will need to implement more sophisticated security solutions, such as identity access management and cloud security.” 

One of the standout areas of expenditure in 2024 is projected to be cloud security, with a staggering growth rate of 28.9%. This shift is attributed to organizations' increased reliance on Software as a Service (SaaS) applications, which necessitates investment in Cloud Access Security Broker (CASB) solutions to ensure secure SaaS usage. Additionally, investments in Cloud Workload Protection Platforms (CWPPs) are crucial to address protection requirements in diverse cloud-native workloads across hybrid and multicloud environments. 

Upadhyay further elaborates, stating, "Organizations in India are shifting their focus to cloud security spending because increased adoption of software as a service (SaaS) needs investment in cloud access security broker (CASB) which provides security controls to enable the safe use of SaaS applications. In addition, cloud workload protection platforms (CWPPs) investments are required to address protection requirements in diverse cloud-native workloads in hybrid and multicloud environments." 

End-user spending on integrated risk management (IRM) in India is also expected to witness significant growth in 2024, projected at 26.2%. IRM plays a crucial role in supporting organizations' initiatives to enhance the timeliness and quality of risk analysis. This surge in spending is indicative of the increasing importance of holistic risk management strategies. 

Data privacy spending is another area set to grow in double digits in 2024. With the continuous expansion of personal data collected digitally and the introduction of new data protection legislation, local organizations are compelled to invest more in data privacy measures. This shift highlights the growing emphasis on safeguarding sensitive information. 

An August 2023 report by Statista said that organisations in India are expected to increase their spending on all the segments concerning information security and risk management. Cloud security would see the highest growth from $76.2 million to $96 million. The biggest spending per segment continues to be security services, which would increase from $1,027 million to $1,050 million.

As cyberattacks continue to be a pressing concern for Indian organizations, CISOs must remain vigilant and proactive in safeguarding critical applications against potential breaches. Simultaneously, protecting valuable on-premises and cloud data from unauthorized access or compromise should be at the forefront of every cybersecurity leader's strategic decision. Identity-related attacks have emerged as one of the leading causes behind security breaches, necessitating significant resources towards identity threat detection and response solutions.