IT
Indian CISOs Must Adopt Collaborative Risk Management for Secure AI Transformation in 2025.
End-user spending on information security in India is projected to total $3.3 billion in 2025, an increase of 16.4% from 2024, according to a new forecast from Gartner, Inc.
'Persistent security challenges, such as data sprawl from generative AI (GenAI) use, ransomware attacks, evolving regulatory landscapes, and robust cloud adoption are driving Indian enterprises to increase their information security spending across all segments in 2025,' said Shailendra Upadhyay, Sr Principal at Gartner. 'These urgent challenges necessitate real-time threat detection and incident response across hybrid ecosystems.'
'Consequently, chief information security officers (CISOs) in India are prompted to focus on strategic investments in cloud security, access management, and data security and privacy to strengthen organization's security posture and support business resilience.'
Gartner analysts are discussing key strategies and the latest cybersecurity technologies to navigate the evolving threat landscape and enhance business resilience at the Gartner Security & Risk Management Summit, taking place here through today.
Building on the momentum from the previous year, security services is projected to record the highest growth among all segments, with an expected 19% increase in 2025 (see Table 1).
Table 1. Information Security End-User Spending for All Segments in India, 2024-2025 (Millions of U.S. Dollars)
Segment
2024 Spending
2024
Growth (%)
2025 Spending
2025
Growth (%)
Network Security
395
10.1
448
13.3
Security Services
1,346
18.8
1,602
19.0
Security Software
1,131
15.2
1,294
14.4
Total
2,872
16.1
3,344
16.4
Source: Gartner (March 2025)
'Organizations are increasingly using managed security functions from specialized agencies to increase focus on their own core operations,' said Upadhyay. 'The burgeoning demand for security services is further amplified by a shortage of skilled security professionals, making it challenging to secure and retain in-house expertise. Consequently, reliance on external service providers is expected to rise in 2025 and beyond, fueling the growth of the security services industry.'
Gartner predicts that by 2028, 40% of IT services contracts will include a security component.
Security software spending is projected to reach $1.2 billion in 2025, driven by organizations' efforts to simplify management through platform consolidation and the rising demand for cloud security amid India's growing digital startup ecosystem that is dependent on cloud.
'The integration of generative AI models in enterprise applications introduces new data leakage concerns and AI application vulnerabilities, prompting greater investment in security software subsegments such as application security, cloud security, data security, privacy, and infrastructure protection, further fueling the growth of this sector,' said Upadhyay.
Key Cybersecurity Trends to Watch in 2025
In 2025, Indian CISOs will navigate a cybersecurity landscape shaped by GenAI integration and the need to enhance business agility and organizational resilience.
'AI is transforming cybersecurity by decentralizing decision rights and accountability,' said Abhyuday Data, Director Analyst at Gartner. 'As business leaders increasingly use AI to drive strategic value, security and risk management (SRM) leaders must embrace collaborative risk management. This approach strengthens cyber risk ownership and ensures data readiness and security for AI initiatives.'
To effectively navigate the challenges of a constantly evolving threat landscape, widening talent gaps, and increasing regulatory oversight, Indian CISOs must prioritize two key cybersecurity trends:
Gartner analysts recommend investing in synthetic data tools as a replacement for traditional anonymization methods, which helps reduce privacy risks and ensure compliance.
Gartner predicts that by 2026, 75% of organizations with GenAI initiatives will shift their spending focus from structured to unstructured data security. This anticipated shift suggests that SRM leaders should reallocate resources to enhance protection for both data types. Furthermore, by leveraging technologies like data security posture management (DSPM), organizations can improve data cataloging, monitoring, and governance, thereby effectively supporting GenAI use cases.
'To foster cyber resilience, security leaders must transition from a zero-tolerance-for-failure mindset to measuring cybersecurity success by the sustained achievement of business outcomes,' said Data. 'Enhancing resilience involves implementing cyber deterrence measures and building strong cyberstorage capabilities to actively defend storage systems and data from cyber attacks.'
Gartner clients can read more in the report 'Forecast: Information Security, Worldwide, 2022-2028, 4Q24 Update' and 'Top Trends in Cybersecurity for 2025.'
Gartner Security & Risk Management Summit
Gartner analysts are presenting the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summit, taking place March 10-11 in India. Additional dates and locations include: April 7-8 in Dubai, June 9-11 in National Harbor, MD, July 23-25 in Tokyo, August 5-6 in Sao Paulo and September 22-24 in London. Follow news and updates from the conferences on X using #GartnerSEC.
About Gartner for Cybersecurity Leaders
Gartner for Cybersecurity Leaders equips security leaders with the tools to help reframe roles, align security strategy to business objectives and build programs to balance protection with the needs of the organization. Additional information is available at https://www.gartner.com/en/cybersecurity/products/gartner-for-cisos.
Follow news and updates from Gartner for Cybersecurity Leaders on X and LinkedIn using #GartnerSEC. Visit the Gartner Newsroom for more information and insights.
Media contact
Sonika Choubey
Gartner
sonika.choubey@gartner.com
(C) 2025 Electronic News Publishing, source ENP Newswire