Organizations will spend a collective $188.3 billion on information security and risk management products and services in 2023, according to Gartner. 

The market will balloon in the years following, generating nearly $262 billion in global spending in 2026, reflecting a constant-currency compound annual growth rate of 11% from 2021, the research firm projects. 

Gartner identified three factors that are fueling growth:

• A continued increase in remote and hybrid work.
• A transition from VPNs to zero trust network access.
• A shift to cloud-based delivery models are all propelling the cybersecurity market to new heights.

Cloud security is forecast to be the strongest category for growth in 2023, following a similar market-leading pace of growth in 2022. Gartner predicts organizations will spend nearly $6.69 billion on cloud security in 2023, rising almost 27% year-over-year.

Application security, which Gartner identified as the second-fastest growing category, is expected to rise about 25% and capture $7.5 billion in 2023 spending.

More than 40% of what’s projected to be spent in 2023 will be banked by security services providers, according to Gartner. The research firm expects security services to land $76.5 billion in 2023 spending. 

By 2025, Gartner predicts at least 70% of new remote access deployments will be served by zero trust network access instead of VPN services. That marks a significant shift from 2021 when zero trust network access accounted for 10% of such deployments.

“The modern CISO needs to focus on an expanding attack surface created by digital transformation initiatives,” Ruggero Contu, senior director analyst at Gartner, said in a statement.

Cloud adoption, remote working, third-party infrastructure integration and the convergence of IT, OT and IoT are all contributing to this expanded attack surface, he said.