Australian business to spend $7.3b on risk management: Gartner

Australian businesses are expected to spend upwards of $7.3 billion on incident management according to Gartner senior director analyst, Richard Addiscott. 

Addiscott said Australian companies will see the spend put towards "information security and risk management in 2024."

He added this sizeable spending is “an increase of 11.5 percent from 2023”. 

The findings follow the release of Gartner's latest forecast, which also found cloud security spend will also see the largest growth with an increase of 26.9 percent expected in 2024. 

"Recent highly publicised cyberattacks in Australia, coupled with increasing regulatory obligations, are keeping security and risk top of mind for Australian organisations this year," Addiscott said.

He added the additional pressures coming from the "tidal wave of new generative AI-enabled technologies." 

Addiscott said these incidents have negatively impacted organisations, making them “worried about a potential fallout”.

“Industry regulators are increasingly pushing for improved competence,” Addiscott said. 

Gartner’s annual global survey which featured over 2400 CIOs and technology executives, including 87 from Australia and New Zealand, stated that 87 percent of ANZ respondents will receive their “largest increase in technology investments in 2024”.

This is a 25 percent increase from the previous year, according to the global survey. 

Gartner said, “security services, including consulting, hardware support implementation and outsourcing information”, remained the country's top end-user spending category.

This follows a forecast set to reach approximately 4.3 million Australian dollars dedicated towards the security services sector throughout 2024.

According to Gartner this “reflects the increasingly important role security service providers play in helping” Australian organisations, “navigate emerging cybersecurity challenges”.

Gartner identified these cybersecurity challenges in 10 segments with areas, “cloud security, data privacy and other information security software”, seeing the largest growth in spending as of 2024.

Gartner’s report noted “increasing investments in generative AI” which connected to the “swift and continual evolution of generative AI”, calling for preparation from security and risk leaders in Australia.

Gartner said generative AI will "introduce new attack surfaces that need protecting and require changes to application and data security practices and user monitoring.”

This follows Gartner’s predictions for 2025 professing that GenAI will cause a spike in the cybersecurity resources” required to secure risks posed by AI.

“Spending on AI will primarily be incorporated into enterprises through existing IT spending in the long term," according to Gartner. 

Addiscott added, “It’s reasonable to suggest we’ll see similar patterns when it comes to security and risk management spending as security capabilities continue to evolve”.