Total spending in 2023 is expected to hit US$223.8 billion in the best-case scenario, with growth in the delivery of cybersecurity services outpacing product shipments. Persistent heightened threat levels will keep cybersecurity high on the list of investment priorities for organizations. But not all planned projects will be signed off, as pressure mounts on budget holders to scrutinize spending and focus only on the most pressing cybersecurity needs to minimize the risk of breaches. Spending among governments and enterprises will rise, but investment by smaller businesses will weaken as economic conditions deteriorate.
The evolving threat landscape will maintain pressure on organizations to broaden and deepen their cybersecurity defenses, expand detection capabilities and improve incident response in 2023. “Ransomware remains the biggest threat to organizations from an operational, financial and brand perspective. But the emergence and abuse of generative AI models, such as ChatGPT, will increase the risk to another level in 2023,” said Matthew Ball, Chief Analyst at Canalys. “This will enable and accelerate the creation of malicious code on an industrial scale by more threat actors and increase the frequency and range of attacks. Organizations are already struggling to deal with current threat levels and cannot afford to cut back on spending as it will leave them even more vulnerable. Instead, they will need to work more closely with channel partners to make smarter investments.”
The delivery of cybersecurity services, including consulting, outsourcing, deployment, integration, maintenance and managed services, is forecast to grow by 14.1% to US$144.3 billion in 2023. This will account for 64.5% of the worldwide cybersecurity market in 2023. “Organizations will continue transforming their cybersecurity strategies to increase their resilience this year. Implementing Zero Trust architectures to address the vulnerabilities that have been successfully exploited over the last three years since the start of the pandemic will be the central theme,” said Srikara Upadhyaya, Research Analyst at Canalys. “This will drive more consulting engagements for channel partners, as well as create opportunities around deploying and integrating multiple products from different vendors, while reducing operational complexity via managed services. Overall, more than 90% of total cybersecurity product and services spending will go through channel partners in 2023.”
Shipments of cybersecurity products, including endpoint security, network security, web and email security, data security, identity and access management, and vulnerability and security analytics, will increase by 11.7% to US$79.5 billion in 2023. This represents robust growth for the technology sector, but is also a slowdown from 2022 levels, when organizations ramped up spending to upgrade existing defenses and added new capabilities, especially cloud, IoT/OT and identity security. Deal sizes will continue to increase in 2023. But this will also extend sales cycles, as additional levels of sign-off will be required. Presenting risk assessments and demonstrating a return on investment will be even more important for channel partners. But total cybersecurity spending will still fall short of the level needed to turn the tide against threats after years of chronic underinvestment.