Companies are increasingly moving away from spending on prevention-only approaches to IT security in favour of boosting detection and response capabilities, new research shows.
In a forecast, Gartner predicts spending on information security will increase 7.6 per cent this year to $90 billion (€84.6billion), rising to $113 billion by 2020.
It said even preventive security controls, such as endpoint protection platform (EPP), firewalls, application security and intrusion prevention systems, are being tweaked to provide more intelligence into security operations, analytics and reporting platforms.
"The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years," said Sid Deshpande, principal research analyst at Gartner.
“While this does not mean that prevention is unimportant or that chief information security officers are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability,” he added.
Skills shortages are further driving spending on security services with many organisations lacking established knowledge of detection and response strategies Gartner said.
The forecast comes as research from Kaspersky Lab shows retail banks are spending three times as much on IT security as non-financial institutions.
Some 64 per cent of banks surveyed said they are investing in improving their IT security regardless of the return on investment, in order to meet the growing demands of government regulators, management and customers.
Mobile banking is an area seen as particularly problematic for financial institutions with 42 per cent of banks predicting that the majority of their customers will use it as their primary means of banking within three years.
However, the banks also report that customers are still behaving carelessly online with the majority adding that their customers are frequently under attack from phishing attempts.