Security, risk management spending in India to surge by 12% in 2024

Security and risk management (SRM) spending in India is set to rise by 12.4% in 2024, hitting $2.9 billion, as per Gartner’s latest forecast. This surge is driven by factors like legacy IT modernisation via cloud technology, the push for digital platforms across industries, updated regulations, and the continuing shift to remote and hybrid work setups. 

As per the report, Cloud security spending is projected to see the highest growth, with a 9.4% increase to $2,620 million in 2024. The adoption of cloud and multi-cloud setups presents security challenges, leading to a heightened focus on cloud security measures by Indian organisations. 

Chief information and security officers (CISOs) in India are expected to prioritise SRM spending to enhance organisational resilience and compliance in 2024. With the government's stricter measures mandating security breach reporting and digital data protection, CISOs face increased pressure to safeguard critical assets against evolving cyber threats, the research and consulting firm said. 

“In 2024, chief information and security officers (CISOs) in India will prioritise their spending on SRM to improve organisational resilience and compliance,” said Shailendra Upadhyay, Senior Principal at Gartner. “With the introduction of stringent government measures mandating security breach reporting and digital data protection, CISOs are facing heightened responsibility in safeguarding critical assets against evolving cyber threats.” 

Infrastructure protection spending is forecasted to grow by 20.4% in 2024, driven by the expansion of endpoint protection platform (EPP) and security information and event management (SIEM) markets. Local organisations are seeking comprehensive SIEM systems to meet diverse security and business needs.  

Additionally, the rise of remote work is prompting organisations to reconsider their endpoint security strategies, leading to increased use of cloud-based EPP solutions with endpoint detection and response (EDR) capabilities. 

The emergence of generative AI (Gen AI) poses significant challenges for Indian CISOs in 2024, with regulatory concerns and the rapid adoption of cloud computing adding to the complexity.  

To address these challenges effectively, CISOs must prioritise two key cybersecurity trends: adapting application and data security practices to new attack surfaces introduced by Gen AI, and implementing user monitoring strategies. Gartner predicts a more than 15% incremental spend on application and data security by 2025 due to Gen AI. 

Furthermore, bridging the communications gap with outcome-driven metrics (ODMs) is crucial for creating a defensible cybersecurity investment strategy. ODMs provide a credible expression of risk appetite, supporting direct investment in cybersecurity measures, the report said.