The report, from analyst firm Gartner, reveals that the shift to detection and response approaches will see spending on security expected to reach US$90 billion in 2017, an increase of 7.6% over 2016.
It says spending on security worldwide will climb to US$113 billion by 2020, with spending on enhancing detection and response capabilities expected to be a key priority for security buyers throughout 2020.
"The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years," said Sid Deshpande, principal research analyst at Gartner.
According to Deshpande, skills shortages are further driving spending on security services.
He says many organisations lack established organisational knowledge of detection and response strategies in security because preventive approaches were the most common tactics for decades.
“Skill sets are scarce and, therefore, remain at a premium, leading organisations to seek external help from security consultants, managed security service providers (MSSPs) and outsourcers.”
Gartner notes that the need to better detect and respond to security incidents has also created new security product segments such as deception, endpoint detection and response (EDR), software-defined segmentation, cloud access security brokers (CASBs), and user and entity behavior analytics (UEBA).
Deshpande says these new segments are creating net new spending, but are also taking spend away from existing segments such as data security, enterprise protection platform (EPP) network security and security information and event management (SIEM).
On the services side, Gartner says the emergence of specialised managed detection and response services is a threat to traditional MSSPs.
And, the analyst firm says the rising number of point solutions in the security market that address detection and response is creating sprawl and manageability issues for CISOs and security managers, driving spending for management platforms and services that are better integrated with adjacent markets.
Gartner also says that as enterprises shift toward balancing prevention with newer detection and response approaches, CISOs are changing how they measure the success of their security strategy.
“All security investments are being measured on how they contribute to the shift in mindset. Even preventive security controls, such as EPP, firewalls, application security and intrusion prevention systems (IPSs), are being tweaked to provide more intelligence into security operations, analytics and reporting platforms,” said Lawrence Pingree, research director at Gartner.
"CISOs are keen to communicate the return on investment of their security strategy in terms of the business value association with quick damage limitation.
"The key enabler for CISOs in this endeavour is to get visibility across their security infrastructure to make better decisions during security incidents. This visibility will enable them to have a more strategic and risk-based conversation with their board of directors, CFO and CEO about the direction of their security programme."
The Gartner security market report is here.