IT spending in the EMEA region continues to prioritize security services and technology, according to TechTarget and ESG’s Technology spending intentions research. This focus on security extends beyond cybersecurity, encompassing areas such as networking, infrastructure, applications (DevSecOps), and generative artificial intelligence (GenAI).
With 48% of organizations in EMEA planning to increase their IT spend this year, security is the main beneficiary of this trend. 63% of organizations plan to spend on security, compared to only 4% planning to decrease cyber spending. Furthermore, 49% of respondents said security has become significantly more important to their organization’s future over the past two years.
EMEA respondents justify their IT spend by citing the need to improve cybersecurity resilience, accounting for 41% of justifications. This upward trend in spending is also influenced by new legal and regulatory introductions, such as various EU initiatives focused on transparency, responsible data use, and improved cybersecurity.
On a global scale, vulnerability management, penetration testing, and data loss prevention (DLP) are the top areas of spending. In EMEA, there is a notable focus on zero-trust network access (ZTNA) as an element of cloud security, as well as cloud data security and DLP projects. The trend also shows a growing awareness of the need to protect sensitive data in cloud environments.
Security is also permeating the application development lifecycle, with investments in penetration testing, vulnerability management, API security, domain name system security, and DevSecOps. This indicates a positive development of integrating security into the developers’ toolbox and protecting applications and APIs in the cloud.
In the realm of SecOps, EMEA respondents plan to invest in SIEM, threat intelligence, endpoint protection, and extended detection and response (XDR) to enhance their security operations practices. SIEM remains a dominant pillar thanks to AI-driven investments and the need to protect clouds. XDR is gaining traction due to proactive threat hunting and the desire for a holistic view of the threat landscape.
In terms of network security, EMEA buyers are investing in ZTNA projects, firewalls, SIEM, virtual private networks (VPNs), and intrusion detection systems (IDS). Investment in ZTNA has grown threefold in the past year, driven by early adopters realizing significant returns. Investment in SASE, which is described as aggressive, highlights the need for differentiated go-to-market strategies.
Privacy and data protection investments focus on email security, data privacy and governance, DLP, compliance and risk assessment, and data encryption and cryptography. Organizations prioritize protecting sensitive information due to increasing data breaches and compliance requirements. Some organizations are also investing in generative artificial intelligence and quantum protection to prepare for future challenges.
Lastly, identity spending targets single-sign-on (SSO), multi-factor authentication (MFA), zero-trust identity access, privileged identity, account management, and passwordless authentication. This indicates a strong emphasis on privileged identity and the importance of seamless sign-on experiences for users in an increasingly perimeterless environment.