Enterprise security budgets are anticipated to extend 15% in 2025, from an estimated $184 billion in 2024 to $212 billion, in keeping with Gartner. That’s excellent news for CISOs as a result of it supplies extra assets within the ongoing battle in opposition to cyberattacks.
“The continued heightened risk surroundings, cloud motion, and expertise crunch are pushing security to the highest of the priorities record and urgent CISOs to extend their group’s security spend,” says Shailendra Upadhyay, senior analysis principal at Gartner.
On the similar time, CISOs must make the powerful calls as to how and the place to deploy these security {dollars} with the intention to get essentially the most bang for the buck.
There are an estimated 3,000 cybersecurity corporations providing services and products. Scorching, new startups are elevating enormous quantities of funding. Solely new product classes pop up on a regular basis, designed to plug that one security gap your present platform doesn’t cowl.
It’s inconceivable for CISOs to maintain observe of all of the comings and goings within the cybersecurity market, however listed below are a few of the key traits to pay attention to.
Elevated M&A exercise in help of platforms
“We will certainly see extra M&A exercise throughout the cybersecurity area, and it’ll are available in a number of totally different situations,” says Forrester analyst Jeff Pollard. “First, giant corporations proceed to accumulate smaller distributors to speed up innovation efforts. The first driver for this might be towards platformization initiatives.”
He provides, “Second, count on conventional IT distributors to make security vendor acquisitions as they shift away from legacy IT services and products and start to pursue the cybersecurity market based mostly on its progress charges.”
The prime instance of Pollard’s second level was Cisco’s $28 billion acquisition of AI-driven SIEM chief Splunk. The deal sends two messages to the market: Promoting routers and switches shouldn’t be a progress market anymore, however cybersecurity is. And AI is greater than only a buzzword; it’s going to be a key differentiator for cybersecurity corporations going ahead. Whoever can leverage AI to transform uncooked knowledge into actionable intelligence will win.
Shortly after the Cisco/Splunk deal, market chief Palo Alto Networks shelled out $500M for IBM’s QRadar SIEM instrument, with plans to transform QRadar clients over to Palo Alto’s Cortex XSIAM (prolonged security intelligence and automation administration) platform.
Different cybersecurity distributors had been busy as effectively in 2024. Cloudflare introduced its acquisition of cloud security startup Kivera to bolster its SASE platform. CrowdStrike purchased SaaS security startup Adaptive Defend. Rapid7 acquired Noetic Cyber, a startup targeted on cyber asset assault floor administration (CAASM).
Fortinet scooped up Subsequent DPL to boost its SASE providing. Kaseya purchased SaaS Alerts; Proofpoint purchased knowledge security posture administration (DSPM) startup Normalyze, Netskope acquired DSPM vendor Dasera, and Zscaler added Avalor Applied sciences and Airgap Networks to its portfolio.
Market leaders are gaining share
The cybersecurity market has a dizzying variety of single-product distributors, however a handful of highly effective platform suppliers have risen above the pack and are gaining market share.
In line with analysis agency Canalys, the highest 12 distributors benefited essentially the most from clients taking early steps to transition to platforms. Collectively, they accounted for 53.2% of whole spending within the second quarter of 2024, up from 51.9% final 12 months.
The market chief is Palo Alto Networks (9.5%), adopted by Fortinet (6.9%), Cisco (6%), Microsoft (5.7%), CrowdStrike (3.7%), Examine Level (3.4%), and Okta (3.3%), in keeping with Canalys.
Canalys Chief Analyst Matthew Ball is predicting continued progress and consolidation out there. “Menace ranges stay heightened. Clients can not hold pushing aside funding in enhancing their cyber resilience,’’ he says.
IDC’s newest tracker for security home equipment (firewalls, IDS/IPS, VPNs) has an analogous pecking order, with Palo Alto Networks at No. 1, adopted by Fortinet, Cisco, and Examine Level.
The cybersecurity VC pipeline stays robust
Enterprise capital funding in cybersecurity jumped 43% in 2024, in keeping with Crunchbase. Complete funding for VC-backed cybersecurity startups hit almost $11.6 billion, up from $8.1 billion in 2023.
The entire variety of offers declined, however the offers that had been finalized had been bigger than in previous years. For instance, cloud security startup Wiz raised $1 billion, safe file switch vendor Kiteworks raised $456 million, and managed security service supplier I-Tracing raised greater than $500 million.
Different startups that raised large chunks of cash embody SandboxAQ, which appears to use quantum expertise to AI improvement; knowledge security vendor Cyera; and Armis Safety, which is creating an asset intelligence platform to research endpoint habits.
Crunchbase cautions, nonetheless, that VC funding for cybersecurity corporations may very well be impacted by buyers shifting their priorities to AI startups. However for now, the market stays robust.
Platforms vs. level merchandise: Why not each?
It will be nice if there have been a broad cybersecurity platform that addressed each potential vulnerability — however that’s not the fact, at the very least not as we speak.
Forrester’s Pollard says, “CISOs will proceed to pursue platformization approaches for the next interrelated causes: One, ease of integration; two, automation; and three, productiveness positive aspects. Nevertheless, level merchandise won’t go away. They are going to be used to reinforce management gaps platforms have but to unravel.”
A current survey by Enterprise Know-how Analysis indicated that 51% of respondents count on to extend the variety of suppliers of their security stack over the following 12 months, whereas solely 9% count on a lower.
Erik Bradley, chief strategist at ETR, explains that whereas distributors have been pursuing a platformization technique, “this knowledge exhibits that finish customers are nonetheless shopping for better of breed and constructing layered defenses by way of growing the variety of distributors when needed.”
The takeaway is that CISOs are taking a two-pronged method, adopting vendor platforms in a well-intentioned effort to fight instrument sprawl. However when organizations determine a direct risk, they’re extra more likely to deploy a best-of-breed level product that they will deploy rapidly, quite than wait for his or her platform supplier to ship comparable performance someday sooner or later, in all probability by way of an acquisition, adopted by an integration course of that will or might not be seamless.
Prospects for standalone SIEM are dim
Between Cisco’s acquisition of SIEM chief Splunk, Palo Alto’s transfer to accumulate IBM’s QRadar and shift these clients onto Palo Alto’s platform, plus the merger of LogRhythm and Exabeam, analysts are saying the standalone SIEM market is in decline.
Instead, distributors are packaging the SIEM core performance of analyzing log recordsdata with extra superior capabilities similar to prolonged detection and response (XDR).
Forrester analyst Allie Mellen predicts additional consolidation for the remaining standalone SIEM distributors, amid heightened competitors from Microsoft, Google Cloud, CrowdStrike and SentinelOne.
AI/ML methods turn out to be new assault surfaces, requiring safety
AI is having enormous impression on enterprise cybersecurity, each constructive (automated risk detection and response) and unfavorable (extra sinister assaults). However what about defending the data-rich AI/ML methods themselves in opposition to knowledge poisoning or different varieties of assaults?
AI security posture administration (AI-SPM) has emerged as a brand new class of instruments designed to supply safety, visibility, administration, and governance of AI methods by way of the whole lifecycle.
Distributors embody established gamers — Palo Alto, Microsoft, CrowdStrike — in addition to a crop of startups that embody Shield AI and Witness AI.
“Posture administration” product classes have been emergin and evolving of late, with cloud security posture administration (CSPM) being one other key product set on the rise. The 2 toolsets, AI-SPM and CSPM, are complementary however handle totally different use instances. CSPM facilities on assessing and mitigating dangers in public cloud environments, detect misconfigurations that create vulnerabilities, and implementing compliance with regulatory insurance policies.
The rise of single-vendor SASE
Safe entry service edge (SASE), outlined by Gartner as a service providing that features SD-WAN plus zero-trust community entry (ZTNA), safe net gateway (SWG), cloud entry security dealer (CASB), and community firewalling, requires distributors to mix a number of merchandise right into a single suite.
As a result of early single-vendor merchandise had been immature and lacked integration, multi-vendor SASE has been the most well-liked selection. However the tables are turning.
“Since we began monitoring the SASE market in 2019, multi-vendor options have represented many of the market in comparison with single-vendor. Nevertheless, we anticipate that single-vendor SASE will turn out to be the vast majority of the market,” says Dell’Oro Group analyst Mauricio Sanchez.
“As single-vendor SASE answer maturity will increase, so is the consolation in buying all of it from a single vendor. The stress to go after better of breed from a number of distributors is slowly diminishing,” Sanchez says. Single-vendor SASE options are anticipated to characterize greater than 85% of the market by 2028, pushed by enterprise desire for built-in, one-stop options that simplify deployment and administration, says Dell’Oro Group.
The market is consolidating round six distributors who’ve a mixed 72% share. These six distributors are Zscaler, Cisco, Palo Alto Networks, Broadcom, Fortinet, and Netskope, in keeping with Dell’Oro.
See additionally:
- 6 scorching cybersecurity traits — and a pair of going chilly
- CISOs’ prime 12 cybersecurity priorities for 2025
- 7 prime cybersecurity initiatives for 2025
- 10 strongest cybersecurity corporations as we speak
