Trends and forecasts in IT security Exhibitor survey for it-sa 2017

• Most companies don't invest in IT security until after a security incident
• In large companies, IT security is generally the responsibility of the management
• Growing demand for IT security solutions Future growth primarily in health, banking/finance and energy sectors

Today companies are spending more on IT security measures than in recent years and numerous organisations have established the issue as the responsibility of top management. Nevertheless, the majority of companies do not make the necessary investments until after a security incident has occurred. These were some of the findings of the survey “Trends and Forecasts in IT Security” that was conducted ahead of the it-sa trade fair that is set to take place in Nuremberg from 10 to 12 October. Here are the main conclusions from the questionnaire, which was carried out for the third time and is representative of the more than 580 exhibitors at it-sa:

IT security budgets have increased
Whereas 75 percent of exhibitors from firms with more than 250 employees are currently reporting an increase in their IT security budget, this was the case at only 35 percent of firms with up to 50 employees. At 67 percent, mid-sized companies are almost at the same level as larger firms.

Two-thirds of companies only react after a security incident has occurred
Although budgets are growing, the exhibitors' customers do not do anything to defend themselves before an attack occurs, but wait until after an IT security breach to make the necessary investments. This was confirmed by 65 percent of exhibitors.

This reduces the proportion of exhibitors whose customers are mostly proactive to 35 percent. In 2016 and 2015 this value was as much as 44 and 45 percent respectively.

IT security management is a question of the company's size
Once again, there is a difference between large and small companies when it comes to implementing IT security measures: The bigger the company the more likely it is to pursue systematic management of IT security.

According to the it-sa exhibitors, 70 percent of companies with a workforce of more than 250 have a systematic IT security concept, compared with just 37 percent of firms with up to 50 employees. In the case of companies with between 51 and 250 employees the proportion is 52 percent.

In many companies, IT security is a job for the company’s management
In the course of digitalisation, there are certain elements to the risk from cyberattacks that increasingly have to be regarded as businesscritical. For the first time, therefore, exhibitors were asked whether their customers had established IT security as a separate area of responsibility within company management.

Here too, the bigger the company the more frequently IT security was embedded at the highest levels of the company. For large companies the figure was 57 percent, for mid-sized companies 49 percent and for small firms 47 percent.

IT security sector on the upturn
The IT security industry is booming, with 53 percent of exhibitors seeing a strong upward trend and 40 percent an upward trend. For the second time in succession, therefore, the mood in the sector has improved.

Since the last it-sa, turnover volumes in the IT security field have undergone a positive development for 84 percent of exhibitors. None of the exhibitors reported a decline in sales.

Exhibitors expect that the EU General Data Protection Regulation will have a positive impact.
The EU General Data Protection Regulation is having a noticeable influence on the expectations of it-sa exhibitors, 82 percent of whom think it will have a positive or very positive effect on their business development in the coming year.

The figure for this last year was 55 percent. This shows that some of the companies now have to initiate measures.

Health system the most important growth driver
Exhibitors at it-sa were positive about current demand across all sectors polled.

Production and/or industry (86 percent of respondents), computing centres (85 percent) and the health system (83 percent) are currently the customer groups with the largest increases in demand.

In respect of the expected trend in demand in the future, the health system leads the field, with 59 percent of exhibitors expecting positive momentum in this area. Banking/finance and energy suppliers follow in the rankings with 56 and 55 percent respectively.

IT security vendors create jobs
For the third time in succession around three-quarters of the companies exhibiting at it-sa are employing more people than in the previous year.

About the exhibitor survey “Trends and Forecasts in IT Security”
On behalf of NürnbergMesse, independent market research institute Gelszus conducted an online survey between 8 and 25 August 2017 of 533 exhibitors who had registered for it-sa 2017. The participation rate was 21 percent, making the results representative of the exhibitors at it-sa 2017.

The detailed poll results are available at:
www.it-sa.de/exhibitor-survey-2017

Security trade fairs at NürnbergMesse
NürnbergMesse has established and proven expertise in the security field. As the host of events such as Enforce Tac – trade fair for law enforcement, it-sa, it-sa Brasil and it-sa India – trade fairs for IT Security, FeuerTRUTZ – trade fair for preventive fire protection, Perimeter Protection – trade fair for perimeter protection, FIRE & SECURITY INDIA EXPO and U.T.SEC – Unmanned Technologies & Security, it brings together a total of around 1,200 exhibitors and over 30,000 visitors from around the world. For more information please go to: www.nuernbergmesse.de/security

Contact for press and media
Thomas Philipp Haas, Lena Vogl
T +49 911 86 06-83 23
F +49 911 86 06-12 83 23
lena.vogl@nuernbergmesse.de

All press releases and more detailed information, video impressions and photos are available from: www.it-sa.de/en/news