The State of Security Spending for 2021 and Beyond


Increased Budgets to Protect Against Growing Threat Landscape

As cyber threats have risen in both frequency and sophistication over the past few years, organizations have had to invest more heavily in security measures to safeguard their operations and customer data. According to a recent report by Gartner, worldwide Security Spending  and risk management technologies is projected to reach $150.4 billion in 2021, up 12.4% from 2020. This surge in budgets underscores how security is now a top priority for businesses across all industries.

Endpoint Protection Remains a Core Focus

Endpoints such as PCs, laptops, and mobile devices provide many entry points for attackers to infiltrate organizations’ networks. Consequently, endpoint security continues to receive a significant portion of security budgets, estimated at $9.7 billion in 2021. Advanced capabilities like endpoint detection and response (EDR) have become must-haves as threats evolve. EDR tools offer deeper visibility into endpoints alongside prevention, detection, and automated investigation and response functions. Their value in detecting sophisticated, stealthy adversaries is driving more organizations to adopt and expand existing EDR deployments.

Keeping Applications and APIs Secure

With digital transformation accelerating, securing application programming interfaces (APIs) and the wider attack surface has emerged as an important priority. APIs act as the connective tissue between different applications and services but can expose new vulnerabilities if not properly secured. Meanwhile, web and mobile applications continue to handle large amounts of sensitive data and perform critical functions. According to Gartner, worldwide spending on application security is projected to hit $7.4 billion in 2021 as businesses acknowledge they must embed protections throughout the development lifecycle. Newer techniques like shift left testing are gaining ground to identify issues early.

Rise of Cloud Security Spending

The massive migration to cloud-based systems and services underscores why cloud security spending remains a fast-growing segment. Gartner estimates this category will reach $8.6 billion in 2021 as organizations aim to protect their assets in public, private, and hybrid clouds from cyber attacks and misconfigurations. As cloud use rises across IT environments, securing cloud workloads, data, and credentials is crucial especially when cloud platforms lack sufficient security controls out of the box. Mature cloud access security brokers (CASB) and cloud infrastructure entitlement management (CIEM) solutions are proliferating to help secure access and permissions management in cloud and hybrid IT set-ups.

Monitoring Tools Catch More Budget Share

As the frequency and volume of alerts from different security controls have ballooned, security operations center (SOC) teams face operational challenges in monitoring, investigating and responding to incidents. This is propelling investment in security information and event management (SIEM) tools which consolidate data from an expanded variety of sources across endpoints, networks, applications and cloud platforms into a centralized interface. The global SIEM market is estimated to grow to $3.7 billion in 2021 according to Technavio with widespread adoption driven by the mandate to improve overall visibility and incident response capabilities. Dealing with high volumes of data and alerts is now a strategic investment area.

Budgets Bolster Identity and Access Management

Strong identity and access controls will likely remain as important as ever in 2021 given the prevalence of identity-based attacks. As hybrid work models create more distributed access points to enterprise resources, investment is needed in modern identity and access management (IAM) solutions. These tools offer features like multifactor authentication, just-in-time access, role-based controls and extensive monitoring of users and entitlements across cloud and on-premises environments. According to Grand View Research, the IAM market will near $15 billion by 2028 driven by demand for securing identities in cross-domain environments and expiring privilege access. Many organizations are thus devoting additional funds to update IAM infrastructure.

In Conclusion

This rise in security budgets across categories from endpoints to applications showcases how digital risks and operational complexities are pushing investments to new highs. Bolstering people, processes and controls organization-wide in areas spanning detection, response, identity and access management will be paramount to security programs in 2021 and beyond. As threats grow more advanced, pervasive and disruptive, appropriately resourcing security efforts will remain imperative for businesses of all sizes.


  1. Source: Coherent Market Insights, Public sources, Desk research
  2. We have leveraged AI tools to mine information and compile it