Photo credit: www.csoonline.com
According to Gartner’s projections, enterprise security budgets are set to rise by 15% in 2025, increasing from an estimated $184 billion in 2024 to $212 billion. This surge in funding comes as a relief to Chief Information Security Officers (CISOs), who will have more resources to combat the ever-evolving landscape of cyber threats.
Shailendra Upadhyay, a senior research principal at Gartner, emphasizes that the persistent threat landscape, the migration to cloud computing, and the ongoing shortage of skilled professionals are elevating security issues to a top priority. This reality urges CISOs to allocate their security budgets wisely to maximize their impact.
With approximately 3,000 cybersecurity firms providing a wide array of products and services, the challenge for CISOs is that innovative startups are consistently securing substantial funding. New product categories frequently emerge to address specific security gaps left by existing solutions.
Due to the influx of new entries into the cybersecurity sector, it’s challenging for CISOs to stay updated on market trends. Nevertheless, several key developments warrant attention.
Surge in Mergers and Acquisitions Supporting Platform Development
Jeff Pollard, a Forrester analyst, anticipates a notable uptick in mergers and acquisitions within the cybersecurity sector, manifesting in two distinct patterns. First, larger companies are likely to acquire smaller firms to enhance their innovation capabilities, motivated primarily by the trend towards platformization. Secondly, longstanding IT companies will begin acquiring security vendors as they transition away from traditional IT offerings and adapt to the burgeoning cybersecurity market.
A salient example of this trend is Cisco’s $28 billion acquisition of Splunk, a leader in artificial intelligence-driven security information and event management (SIEM). This acquisition signals that traditional networking hardware is no longer a growth area, whereas cybersecurity presents substantial opportunities. Furthermore, leveraging AI will become crucial for distinguishing between competing cybersecurity solutions moving forward.
Following Cisco’s move, Palo Alto Networks’ acquisition of IBM’s QRadar for $500 million highlights the ongoing consolidation in the market. Palo Alto aims to transition QRadar’s user base to its Cortex XSIAM platform, reinforcing the trend of major companies enhancing their portfolios through acquisitions.
Various other players made strategic acquisitions in 2024, including Cloudflare’s purchase of Kivera, CrowdStrike’s acquisition of Adaptive Shield, and Rapid7’s integration of Noetic Cyber, a startup focused on managing cyber asset attack surfaces (CAASM).
Dominance of Market Leaders in Cybersecurity
Amidst a multitude of vendors offering single-product solutions, a select few platform providers are solidifying their positions and capturing greater market share. Research by Canalys indicates that the top twelve vendors accounted for 53.2% of total cybersecurity spending in the second quarter of 2024, an increase from 51.9% the previous year.
Palo Alto Networks leads the pack with a 9.5% share, followed closely by Fortinet at 6.9%, Cisco at 6%, Microsoft at 5.7%, CrowdStrike at 3.7%, Check Point at 3.4%, and Okta at 3.3%. Canalys Chief Analyst Matthew Ball forecasts ongoing growth and consolidation due to heightened threats, which necessitate immediate investment in cyber resilience.
Similar trends are reflected in IDC’s recent security appliance tracker, confirming the dominance of Palo Alto, Fortinet, and Cisco.
Strong Venture Capital Activity in Cybersecurity
In 2024, venture capital funding in the cybersecurity sector soared by 43%, reaching nearly $11.6 billion, up from $8.1 billion in 2023, as reported by Crunchbase. Although the total number of deals decreased, the size of individual investments increased significantly, with cloud security firm Wiz raising $1 billion and secure file transfer company Kiteworks securing $456 million.
Other startups garnering substantial investments include SandboxAQ, focused on applying quantum technology to AI, and Armis Security, which specializes in asset intelligence platforms for endpoint behavior analysis. However, Crunchbase notes that venture funding could potentially shift as investors may prioritize AI-focused startups in the future.
Balancing Platforms and Point Products in Cybersecurity
The cybersecurity landscape does not yet align with the idea of a single platform capable of addressing all vulnerabilities. Forrester’s Pollard points out that while many CISOs pursue platformization for reasons such as easier integration and automation, point products will continue to be relevant and often necessary to address specific gaps not yet covered by platforms.
A recent survey by Enterprise Technology Research indicated that 51% of participants intend to increase the number of vendors in their security stacks, with only 9% planning a reduction. This suggests that while platform strategies are gaining traction, organizations still prioritize specialized solutions for immediate threats.
Ultimately, CISOs are adopting a dual approach, relying on comprehensive vendor platforms while simultaneously seeking best-of-breed products tailored for unique security challenges.
Declining Prospects for Standalone SIEM Solutions
The standalone SIEM market appears to be waning due to significant acquisitions, including Cisco acquiring Splunk and Palo Alto acquiring IBM’s QRadar. Industry analysts anticipate that standalone SIEM vendors may face further consolidation amidst fierce competition from tech giants like Microsoft, Google Cloud, and CrowdStrike.
As vendors pivot to combine core SIEM functionalities with more sophisticated capabilities like extended detection and response (XDR), analysts like Forrester’s Allie Mellen foresee limited opportunities for remaining standalone SIEM offerings.
AI and Machine Learning Systems as Emerging Attack Targets
The impact of AI on enterprise cybersecurity is multifaceted, offering benefits such as automated threat detection while also presenting new vulnerabilities, particularly concerning data-rich AI and machine learning systems. Protecting these systems from potential data poisoning and other attacks has led to the emergence of AI security posture management (AI-SPM) tools.
Industry players, including established companies like Palo Alto and Microsoft, are entering this space alongside new startups such as Protect AI and Witness AI. Similarly, cloud security posture management (CSPM) tools are gaining traction, assisting organizations in managing risks within public cloud environments, detecting misconfigurations, and ensuring regulatory compliance.
Emergence of Single-Vendor SASE Solutions
Secure Access Service Edge (SASE), which combines SD-WAN with zero-trust network access (ZTNA) and additional security features, is witnessing a shift from multi-vendor solutions to single-vendor offerings. As companies seek more integrated solutions that simplify deployment and management, single-vendor SASE solutions are expected to dominate the market.
According to Dell’Oro Group’s Mauricio Sanchez, the trend towards single-vendor SASE is likely to grow, potentially representing over 85% of the market by 2028. Currently, six vendors—Zscaler, Cisco, Palo Alto Networks, Broadcom, Fortinet, and Netskope—account for a combined market share of 72% as they compete to establish robust, comprehensive security frameworks.
See also:
- 6 hot cybersecurity trends — and 2 going cold
- CISOs’ top 12 cybersecurity priorities for 2025
- 7 top cybersecurity projects for 2025
- 10 most powerful cybersecurity companies today
Source
www.csoonline.com