Gartner Forecasts Enterprise Security and Risk Management Spending in Australia to Grow 14.4% in 2025

SYDNEY, Australia, March 4, 2025 — Australian organisations will spend almost AU$6.2 billion on information security and risk management products and services in 2025, an increase of 14.4% from 2024, according to the latest forecast from Gartner, Inc. 

"Generative AI (GenAI), and AI more broadly, will continue to impact the strategic objectives of Australian security and risk management leaders this year as they navigate its impact on cybersecurity," said Richard Addiscott, VP Analyst at Gartner. "Coupled with the enduring challenges of an ever-evolving threat landscape, widening talent gaps and increasing regulatory oversight, their efforts are predominantly focused on enabling transformation and embedding resilience this year."

In Gartner's annual global survey of over 3,186 CIOs and technology executives, including 109 from Australia and New Zealand (ANZ), 88% of ANZ respondents revealed that cybersecurity remains the top technology investment in 2025 for the second consecutive year. 

Gartner analysts are exploring how security and risk management leaders can advance their information security and risk strategies this week at the Gartner Security & Risk Management Summit taking place in Sydney.

Security Services Remains Largest Spending Segment
Security services, including consulting, professional and managed security services, remains the largest end-user spending category in Australia, forecast to reach almost AU$2.9 billion in 2025. This is an increase of 16.1% from 2024, reflecting the increasingly important role security service providers play in helping Australian organisations navigate emerging cybersecurity challenges, particularly as the skills shortage continues (see Table 1). 

Table 1. Enterprise Security & Risk Management End-User Spending, Australia, 2024-2025 (Millions of Australian Dollars)

Source: Gartner (March 2025)

GenAI Drives Broader Investment in Cybersecurity
The adoption of AI and GenAI in Australia continues to increase investments in security software markets like application security, data security and privacy, and infrastructure protection. 

"More than two years after the release of ChatGPT, the impact of GenAI and broader AI capabilities for Australian security leaders is real," said Addiscott. "As these capabilities compel organisations to transform their digital ambitions, it requires security leaders to adapt their cybersecurity roadmaps, focus on securing their organisation's AI adoption and experiment with AI in cybersecurity."

According to Gartner, early adopters of AI within security and risk management experienced mixed results following the initial hype and are now shifting toward more sustainable and incremental implementations of AI, which are more likely to be successful. Gartner predicts 90% of successful AI implementations in cybersecurity will be tactical — task automation and process augmentations — rather than role replacing by 2027.

Gartner recommends Australian security and risk management leaders prepare for the swift and continual evolution of GenAI, with new turbulence expected from emerging AI application deployments. This could be from AI agents; a new wave of cybersecurity promises from business and cybersecurity providers; or attackers leveraging GenAI in ways that create new disruptions. 

Gartner clients can read more in the report "Forecast: Information Security and Risk Management, Worldwide, 2022-2028, 4Q24 Update." 

Learn how to create a cybersecurity strategy that meets the needs of people, as well as technology in this complimentary Gartner guide.

Gartner Security & Risk Management Summit 
Gartner analysts are presenting the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summit in Sydney this week. Upcoming dates and locations for Gartner Security & Risk Management Summits are March 10-11 in Mumbai, April 7-8 in Dubai, June 9-11 in National Harbor, July 23-25 in Tokyo, August 5-6 in Sao Paulo and September 22-24 in London. Follow news and updates from the conferences on X using #GartnerSEC.

About Gartner for Cybersecurity Leaders
Gartner for Cybersecurity Leaders equips security leaders with the tools to help reframe roles, align security strategy to business objectives and build programs to balance protection with the needs of the organisation. Additional information is available at https://www.gartner.com/en/cybersecurity.

Follow news and updates from Gartner for Cybersecurity Leaders on X and LinkedIn using #GartnerSEC. Visit the Gartner Newsroom for more information and insights.

About Gartner
Gartner, Inc. (NYSE: IT) delivers actionable, objective insight that drives smarter decisions and stronger performance on an organisation's mission-critical priorities. To learn more, visit gartner.com.