Global cybersecurity spending is set to rise 12% in 2025 – here are the industries ramping up investment - IT Pro

(Image credit: Getty Images) Share Copy link Facebook X Linkedin Bluesky Share this article Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Global cybersecurity spending is expected to surge this year, fueled by escalating state-sponsored threats and the rise of generative AI, according to new analysis from IDC. Statistics from the consultancy’s Worldwide Security Spending Guide show spending is expected to grow by 12.2% across the year and to hit $377 billion by 2028. The bulk of this spending - 70% - will be in the US and Europe, the study found. But there's set to be an increase in every geographical region, in particular Latin America, Central and Eastern Europe, and the Middle East and Africa. Eman Elshewy, senior research manager with IDC Data and Analytics, said rapid digital transformation efforts and enthusiasm for emerging technology adoption have significantly pushed demand for security solutions - and this is expected to accelerate further. "MEA is witnessing substantial investments from both government and enterprises to fight rising cyber threats, with strong awareness for the importance of cybersecurity education and training programs to fortify organizations against possible attacks." The industries spending big on cybersecurity Banking, federal and central government, telecommunications, capital markets, and healthcare providers will be the biggest spenders this year. Meanwhile, the fastest-growing sectors will be capital markets, media and entertainment and life sciences with an expected year-on-year growth rate of 19.4%, 17.1% and 16.9% respectively. "The protection from cyber threats — now enhanced by AI and GenAI — is becoming an increasingly strategic issue for organizations in all industries," said Stefano. He cited in particular organizations managing critical infrastructure - for example, oil and gas or telecommunications - along with those developing critical assets such as aerospace, defense and life sciences, or those providing key services to clients and citizens such as banking or government. “Although national and international regulations still play an important role in guiding organizations' security strategies — especially in regulated industries — more of them are realizing that having a proactive approach to security is crucial, not only as a short-term operational protection measure but also as a competitive advantage in the long term," he said. While large and very large businesses account for most security spending across all regions, IDC small and medium-sized businesses will also continue to increase their investments in security throughout the forecast period. More than half the cash will go on security software, with a 14.4% year-on-year growth rate. There's particular growth for cloud native application protection platform (CNAPP) solutions, for example. Similarly, smaller enterprises are ramping up investment in identity and access management (IAM) software and security analytics software. Security services will be the second fastest growing technology group in 2025, driven by the continuing expansion of managed security services, followed by security hardware, which IDC said will achieve single-digit but steady growth in 2025. MORE FROM ITPRO Cyber attacks against UK firms dropped by 10% last year, but experts say don't get complacent How to reduce cybersecurity costs for your business IT services spending set to surge in 2025 as CIOs shift to AI partner solutions TOPICS Ross Kelly News and Analysis Editor Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies. He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research. For news pitches, you can contact Ross at ross.kelly@futurenet.com, or on Twitter and LinkedIn. Latest 95% of organizations don’t fully trust their cybersecurity vendors – here’s why How Schneider Electric is streamlining onboarding with WalkMe You might also like In the age of all-in-one platforms, how can partners avoid becoming interchangeable? Microsoft opens up Entra Agent ID preview with new AI features Cybersecurity leaders must stop seeing resilience as a "tick box exercise" to achieve meaningful protection, says Gartner expert Security experts call for better 'offboarding' practices amid spate of insider attacks by outgoing staff News Enterprises should act swiftly to revoke rights and access, regardless of the manner of an employee’s departure. Cyber teams are struggling to keep up with a torrent of security alerts Identity security is more important than ever – here’s why News 78% of enterprises told Okta that controlling access and permissions for non-human identities is now their main identity security concern. Okta and Palo Alto Networks are teaming up to ‘fight AI with AI’ Developer security best practices in a fast growing tech company Whitepaper A buyer's guide for meeting the unprecedented speed and complexity of today's development practices VIEW MORE ▸