Skip to content

Posts tagged ‘ZTNA’

Apr 8

Top 10 security categories where VC funding trails Gartner’s 2026 growth forecast, Crunchbase data

Top 10 security categories where VC funding trails Gartner’s 2026 growth forecast, Crunchbase data

Two of Gartner’s 10 fastest-growing security categories have zero venture-backed startups. Firewall equipment, a $26.7 billion market by 2030, and pure-play cloud access security brokers, projected at $7.1 billion, are controlled entirely by incumbent vendors. No startup has raised a dollar in either category since January 2025.

I cross-referenced Gartner’s 1Q26 Information Security forecast against CB Insights, Crunchbase, and PitchBook funding data for every one of the 10 fastest-growing security categories. The question: where is venture capital following Gartner’s growth signal, and where is it missing?

The answer is stark. $93.2 billion in projected 2030 spending across these 10 categories. $11.2 billion in total VC raised by 59 funded startups. That is an 8.3:1 gap between where enterprise demand is heading and where startup capital is flowing. In 5 of 10 categories, the gap exceeds 12:1. As I detailed in last week’s analysis of the 10 fastest-growing categories, growth is concentrating in cloud infrastructure, proactive intelligence, and privacy compliance. The VC data tells you whether anyone is building what CISOs need to buy.

“Cybersecurity leaders are navigating uncharted territory this year as these forces converge, testing the limits of their teams in an environment defined by constant change,” said Alex Michaels, Director at Gartner. The spending data confirms it. The startup funding data shows the supply side has not caught up.

Two of Gartner’s 10 fastest-growing security categories have zero venture-backed startups. Firewall equipment, a $26.7 billion market by 2030, and pure-play cloud access security brokers, projected at $7.1 billion, are controlled entirely by incumbent vendors. No startup has raised a dollar in either category since January 2025. I cross-referenced Gartner’s 1Q26 Information Security forecast against CB Insights, Crunchbase, and PitchBook funding data for every one of the 10 fastest-growing security categories. The question: where is venture capital following Gartner’s growth signal, and where is it missing? The answer is stark. $93.2 billion in projected 2030 spending across these 10 categories. $11.2 billion in total VC raised by 59 funded startups. That is an 8.3:1 gap between where enterprise demand is heading and where startup capital is flowing. In 5 of 10 categories, the gap exceeds 12:1. As I detailed in last week’s analysis of the 10 fastest-growing categories, growth is concentrating in cloud infrastructure, proactive intelligence, and privacy compliance. The VC data tells you whether anyone is building what CISOs need to buy. “Cybersecurity leaders are navigating uncharted territory this year as these forces converge, testing the limits of their teams in an environment defined by constant change,” said Alex Michaels, Director at Gartner. The spending data confirms it. The startup funding data shows the supply side has not caught up. ▼ GRAPHIC: GRAPHIC 2 — Paired bar chart: Gartner 2030 projection vs. VC raised (insert before master table) ▼ Figure 2: Gartner 2030 projections (dark) vs. total VC raised (light) for each of the 10 categories. The master table: Gartner forecast vs. startup funding by category I mapped each Gartner category against every cybersecurity startup that raised equity or debt since January 2025. Each company is assigned to one primary category to avoid double-counting. Gap Ratio is the Gartner 2030 market projection divided by total VC raised. Higher means wider gap. # Gartner Security Category 2025-26 GR 5yr CAGR 2030 Proj Startups Total VC Gap Ratio Verdict 1 Cloud Access Security Brokers (CASB) 27.2% 24.3% $7.1B 4 $182M 39:1 Critical Gap 2 Firewall Equipment (NGFW/FWaaS) 15.9% 9.1% $26.7B 0 $0 ∞ Incumbent Lock 3 Cloud Security Posture Mgmt (CSPM) 33.4% 27.6% $16.2B 6 $752M 21.5:1 Underfunded 4 Vulnerability Assessment 15.7% 12.0% $6.4B 6 $306M 20.9:1 Underfunded 5 Cloud Workload Protection (CWPP) 25.9% 21.0% $16.1B 8 $1.28B 12.6:1 Underfunded 6 Subject Rights Request Automation 16.2% 12.3% $2.3B 2 $240M 9.6:1 M&A Absorbed 7 Network Detection & Response (NDR) 15.6% 12.4% $4.1B 4 $701M 5.9:1 Moderate Gap 8 Zero Trust Network Access (ZTNA) 23.0% 20.9% $6.4B 10 $1.94B 3.3:1 VC Ahead 9 Threat Intelligence 27.3% 21.1% $6.9B 12 $3.16B 2.2:1 Oversupplied 10 Consent & Preference Mgmt 22.1% 18.6% $2.0B 7 $2.61B 0.8:1 Oversupplied Source: Gartner 1Q26 Information Security Market Current Outlook (G00846158, March 2026). Growth rates in constant currency. Funding data from CB Insights, Crunchbase, PitchBook. Analysis by Software Strategies Blog, April 2026. The table splits cleanly into three tiers. Five categories are underfunded or locked out (Gap Ratio above 9:1). Two sit in the middle. Three are oversupplied or ahead of the Gartner signal. I update this comparison every quarter as Gartner releases new forecast data. Get the next one in your inbox. The 3 widest gaps Gap #1: CASB — 39:1, and the category is disappearing Gartner projects cloud access security brokers reaching $7.1 billion by 2030 at a 24.3% CAGR. Total startup funding since January 2025: $182 million across just 4 companies. Company Total Funding Last Round Lead Investor HQ Founded Reco $85M $30M Series B Zeev Ventures New York 2020 Seraphic Security $44M $29M Series A GreatPoint Ventures Palo Alto / Israel 2020 Nudge Security $35M $22.5M Series A Cerberus Ventures Austin, TX 2021 Spin.AI $18M+ Undisclosed (K1) K1 Investment Mgmt Palo Alto 2017 The gap is structural, not cyclical. Pure-play CASB startups no longer exist as a standalone category. The buying motion has shifted to SASE platforms. Cato Networks raised $409 million in a Series G in June 2025, but that money funds a unified SASE platform spanning CASB, ZTNA, and SD-WAN. For CISOs, the implication is direct. If your CASB requirement is standalone, your vendor options are Netskope, Skyhigh, Forcepoint, and a handful of sub-$50 million startups. Expect fewer competitive bids and less pricing leverage than in categories where VC is abundant. Gap #2: CSPM — 21.5:1, the fastest-growing category is still starved Cloud security posture management is the single fastest-growing category in Gartner’s entire information security forecast. 33.4% growth in 2026. $16.2 billion by 2030 at a 27.6% five-year CAGR. Total startup funding: $752 million across 6 companies. Company Total Funding Last Round Lead Investor HQ Founded Upwind Security $430M $250M Series B Bessemer Venture Partners San Francisco 2022 Noma Security $132M $100M Series B Evolution Equity Partners New York / Tel Aviv 2023 Sentra $100M+ $50M Series B Key1 Capital New York / Tel Aviv 2021 Native Security $42M $31M Series A Ballistic Ventures Tel Aviv / Seattle 2024 Mondoo $32.5M $17.5M Series A Ext HV Capital San Francisco 2020 AccuKnox $15M $4M Venture DreamIt Ventures Menlo Park 2020 Upwind alone accounts for 57% of all CSPM startup capital. It hit unicorn status at a $1.5 billion valuation in January 2026. But one company cannot fill a $16.2 billion market. Alphabet’s $32 billion acquisition of Wiz in March 2026 removed the largest independent cloud security company from the startup market entirely. In my analysis of $3.6 billion in agentic AI security funding, I tracked how M&A is filling gaps that VC has not. CSPM is a category where that pattern is accelerating. Gap #3: Vulnerability Assessment — 20.9:1, the most active seed-stage category Gartner projects vulnerability assessment at $6.4 billion by 2030. Total VC: $306 million across 6 companies. Company Total Funding Last Round Lead Investor HQ Founded Zafran Security $130M $60M Series C Menlo Ventures New York 2022 Seemplicity $82M+ $50M Series B Sienna Venture Capital Tel Aviv 2020 Cogent Security $53M $42M Series A Bain Capital Ventures San Francisco 2024 Nucleus Security $20M+ $20M Series C Undisclosed Tampa, FL 2018 Onit Security $11M $11M Seed Hetz Ventures Tel Aviv 2025 ZAST.AI ~$10M $6M Pre-A Hillhouse Capital Seattle 2024 ▼ GRAPHIC: GRAPHIC 3 — Top funded startups in underfunded categories (insert after Vuln Assess table) ▼ Figure 3: Total funding by startup across the three underfunded categories (CSPM, CWPP, Vulnerability Assessment). This is the category with the most active early-stage investment. Cogent Security and Onit Security both use AI agents for autonomous vulnerability remediation. Zafran tripled ARR since its prior round. The agentic AI thesis is landing hardest in vulnerability management, and the funding trail shows it. Balbix, which had raised $98.6 million, was acquired in November 2025. For CISOs evaluating this category, the vendor field is young and fragmented. Half of the funded companies were founded in 2024 or later. Where VC is ahead of Gartner Three categories show the opposite pattern. In Consent & Preference Management, OneTrust alone has raised $2.1 billion against a $2.0 billion Gartner projection. In Threat Intelligence, $3.16 billion in VC against a $6.9 billion projection, but Dataminr ($1.24B) and ReliaQuest ($1.13B) account for 75% of the total. In ZTNA, Cato Networks’ $1.1 billion alone represents 57% of all category funding. ▼ GRAPHIC: GRAPHIC 4 — Concentration risk donut charts (insert after VC-ahead section) ▼ Figure 4: Single-company concentration in CWPP, ZTNA, and Threat Intelligence funding. The concentration risk matters. Strip out the single largest company in each oversupplied category and the gap ratios invert. Consent without OneTrust: $510 million, Gap Ratio 3.9:1. Threat Intelligence without Dataminr and ReliaQuest: $790 million, Gap Ratio 8.7:1. ZTNA without Cato: $835 million, Gap Ratio 7.7:1. M&A is filling the gaps VC won’t When startups cannot fill the gap, platform vendors acquire. The $3.6 billion in agentic AI security funding and $96 billion in M&A I tracked in March tells this story at scale. Palo Alto Networks assembled $29 billion in acquisitions. ServiceNow spent $11.6 billion. Alphabet closed $32 billion for Wiz. Veeam acquired Securiti.ai for $1.725 billion, removing the leading subject rights automation vendor from the independent market. Forrester’s 2026 cybersecurity budget data confirms the same pattern from the buyer side. Security budgets are growing, but the spend is concentrating in fewer, larger platform purchases. What this means for CISOs In underfunded categories, build internally or accept platform vendor lock-in. CSPM, vulnerability assessment, and CWPP all have Gap Ratios above 12:1. Fewer funded startups means fewer competitive alternatives. If your preferred vendor gets acquired, as Wiz, Securiti.ai, and Balbix all were, your roadmap depends on the acquirer’s priorities, not yours. In oversupplied categories, use the competition for better pricing. ZTNA, threat intelligence, and consent management have abundant VC-backed alternatives. Negotiate harder. Run competitive evaluations with three or more vendors. The funding data tells you which categories give you leverage. Watch for single-company concentration. Chainguard holds 70% of all CWPP startup funding. Cato holds 57% of ZTNA. OneTrust holds 80% of consent management. If any of these companies pivots, gets acquired, or fails, the category funding picture changes overnight. Bottom line Gartner projects $93.2 billion in 2030 spending across the 10 fastest-growing security categories. Venture capital has funded $11.2 billion in startups since January 2025. The 8.3:1 blended gap tells you the overall story. The category-level ratios tell you where to act. Cloud security posture management, vulnerability assessment, and cloud workload protection are growing at 2x to 3x the market average but remain underfunded relative to Gartner’s projections. Two categories, firewall equipment and pure-play CASB, have no startup investment at all. Platform vendors are filling gaps through acquisition at a pace that is reshaping every competitive evaluation. This is the third quarter I have tracked Gartner’s security forecast against independent funding data. The gap between enterprise demand and startup supply keeps widening. Gartner’s 2Q26 forecast lands in July. I will break down the updated Gap Ratios the week it drops. I wrote a shorter editorial take on what these gaps mean for CISO budgets on my Substack. Source: Gartner, Information Security Market Current Outlook, Worldwide, 1Q26 (G00846158), March 2026. Growth rates in constant currency. Dollar figures in current U.S. dollars. Funding data from CB Insights, Crunchbase, PitchBook, Statista. Cross-referenced against company press releases. Analysis by Software Strategies Blog.

The master table: Gartner forecast vs. startup funding by category

I mapped each Gartner category against every cybersecurity startup that raised equity or debt since January 2025. Each company is assigned to one primary category to avoid double-counting. Gap Ratio is the Gartner 2030 market projection divided by total VC raised. Higher means wider gap.

# Gartner Security Category 2025-26 GR 5yr CAGR 2030 Proj Startups Total VC Gap Ratio Verdict
1 Cloud Access Security Brokers (CASB) 27.2% 24.3% $7.1B 4 $182M 39:1 Critical Gap
2 Firewall Equipment (NGFW/FWaaS) 15.9% 9.1% $26.7B 0 $0 Incumbent Lock
3 Cloud Security Posture Mgmt (CSPM) 33.4% 27.6% $16.2B 6 $752M 21.5:1 Underfunded
4 Vulnerability Assessment 15.7% 12.0% $6.4B 6 $306M 20.9:1 Underfunded
5 Cloud Workload Protection (CWPP) 25.9% 21.0% $16.1B 8 $1.28B 12.6:1 Underfunded
6 Subject Rights Request Automation 16.2% 12.3% $2.3B 2 $240M 9.6:1 M&A Absorbed
7 Network Detection & Response (NDR) 15.6% 12.4% $4.1B 4 $701M 5.9:1 Moderate Gap
8 Zero Trust Network Access (ZTNA) 23.0% 20.9% $6.4B 10 $1.94B 3.3:1 VC Ahead
9 Threat Intelligence 27.3% 21.1% $6.9B 12 $3.16B 2.2:1 Oversupplied
10 Consent & Preference Mgmt 22.1% 18.6% $2.0B 7 $2.61B 0.8:1 Oversupplied

Source: Gartner 1Q26 Information Security Market Current Outlook (G00846158, March 2026). Growth rates in constant currency. Funding data from CB Insights, Crunchbase, PitchBook. Analysis by Software Strategies Blog, April 2026.

The table splits cleanly into three tiers. Five categories are underfunded or locked out (Gap Ratio above 9:1). Two sit in the middle. Three are oversupplied or ahead of the Gartner signal.

I update this comparison every quarter as Gartner releases new forecast data. Get the next one in your inbox.

The 3 widest gaps

Gap #1: CASB — 39:1, and the category is disappearing

Gartner projects cloud access security brokers reaching $7.1 billion by 2030 at a 24.3% CAGR. Total startup funding since January 2025: $182 million across just 4 companies.

Company Total Funding Last Round Lead Investor HQ Founded
Reco $85M $30M Series B Zeev Ventures New York 2020
Seraphic Security $44M $29M Series A GreatPoint Ventures Palo Alto / Israel 2020
Nudge Security $35M $22.5M Series A Cerberus Ventures Austin, TX 2021
Spin.AI $18M+ Undisclosed (K1) K1 Investment Mgmt Palo Alto 2017

The gap is structural, not cyclical. Pure-play CASB startups no longer exist as a standalone category. The buying motion has shifted to SASE platforms. Cato Networks raised $409 million in a Series G in June 2025, but that money funds a unified SASE platform spanning CASB, ZTNA, and SD-WAN.

For CISOs, the implication is direct. If your CASB requirement is standalone, your vendor options are Netskope, Skyhigh, Forcepoint, and a handful of sub-$50 million startups. Expect fewer competitive bids and less pricing leverage than in categories where VC is abundant.

Gap #2: CSPM — 21.5:1, the fastest-growing category is still starved

Cloud security posture management is the single fastest-growing category in Gartner’s entire information security forecast. 33.4% growth in 2026. $16.2 billion by 2030 at a 27.6% five-year CAGR. Total startup funding: $752 million across 6 companies.

Company Total Funding Last Round Lead Investor HQ Founded
Upwind Security $430M $250M Series B Bessemer Venture Partners San Francisco 2022
Noma Security $132M $100M Series B Evolution Equity Partners New York / Tel Aviv 2023
Sentra $100M+ $50M Series B Key1 Capital New York / Tel Aviv 2021
Native Security $42M $31M Series A Ballistic Ventures Tel Aviv / Seattle 2024
Mondoo $32.5M $17.5M Series A Ext HV Capital San Francisco 2020
AccuKnox $15M $4M Venture DreamIt Ventures Menlo Park 2020

Upwind alone accounts for 57% of all CSPM startup capital. It hit unicorn status at a $1.5 billion valuation in January 2026. But one company cannot fill a $16.2 billion market.

Alphabet’s $32 billion acquisition of Wiz in March 2026 removed the largest independent cloud security company from the startup market entirely. In my analysis of $3.6 billion in agentic AI security funding, I tracked how M&A is filling gaps that VC has not. CSPM is a category where that pattern is accelerating.

Gap #3: Vulnerability Assessment — 20.9:1, the most active seed-stage category

Gartner projects vulnerability assessment at $6.4 billion by 2030. Total VC: $306 million across 6 companies.

Company Total Funding Last Round Lead Investor HQ Founded
Zafran Security $130M $60M Series C Menlo Ventures New York 2022
Seemplicity $82M+ $50M Series B Sienna Venture Capital Tel Aviv 2020
Cogent Security $53M $42M Series A Bain Capital Ventures San Francisco 2024
Nucleus Security $20M+ $20M Series C Undisclosed Tampa, FL 2018
Onit Security $11M $11M Seed Hetz Ventures Tel Aviv 2025
ZAST.AI ~$10M $6M Pre-A Hillhouse Capital Seattle 2024

 

This is the category with the most active early-stage investment. Cogent Security and Onit Security both use AI agents for autonomous vulnerability remediation. Zafran tripled ARR since its prior round. The agentic AI thesis is landing hardest in vulnerability management, and the funding trail shows it.

Balbix, which had raised $98.6 million, was acquired in November 2025. For CISOs evaluating this category, the vendor field is young and fragmented. Half of the funded companies were founded in 2024 or later.

Where VC is ahead of Gartner

Three categories show the opposite pattern. In Consent & Preference Management, OneTrust alone has raised $2.1 billion against a $2.0 billion Gartner projection. In Threat Intelligence, $3.16 billion in VC against a $6.9 billion projection, but Dataminr ($1.24B) and ReliaQuest ($1.13B) account for 75% of the total. In ZTNA, Cato Networks’ $1.1 billion alone represents 57% of all category funding.

The concentration risk matters. Strip out the single largest company in each oversupplied category and the gap ratios invert. Consent without OneTrust: $510 million, Gap Ratio 3.9:1. Threat Intelligence without Dataminr and ReliaQuest: $790 million, Gap Ratio 8.7:1. ZTNA without Cato: $835 million, Gap Ratio 7.7:1.

M&A is filling the gaps VC won’t

When startups cannot fill the gap, platform vendors acquire. The $3.6 billion in agentic AI security funding and $96 billion in M&A I tracked in March tells this story at scale. Palo Alto Networks assembled $29 billion in acquisitions. ServiceNow spent $11.6 billion. Alphabet closed $32 billion for Wiz. Veeam acquired Securiti.ai for $1.725 billion, removing the leading subject rights automation vendor from the independent market.

Forrester’s 2026 cybersecurity budget data confirms the same pattern from the buyer side. Security budgets are growing, but the spend is concentrating in fewer, larger platform purchases.

What this means for CISOs

In underfunded categories, build internally or accept platform vendor lock-in. CSPM, vulnerability assessment, and CWPP all have Gap Ratios above 12:1. Fewer funded startups means fewer competitive alternatives. If your preferred vendor gets acquired, as Wiz, Securiti.ai, and Balbix all were, your roadmap depends on the acquirer’s priorities, not yours.

In oversupplied categories, use the competition for better pricing. ZTNA, threat intelligence, and consent management have abundant VC-backed alternatives. Negotiate harder. Run competitive evaluations with three or more vendors. The funding data tells you which categories give you leverage.

Watch for single-company concentration. Chainguard holds 70% of all CWPP startup funding. Cato holds 57% of ZTNA. OneTrust holds 80% of consent management. If any of these companies pivots, gets acquired, or fails, the category funding picture changes overnight.

Bottom line

Gartner projects $93.2 billion in 2030 spending across the 10 fastest-growing security categories. Venture capital has funded $11.2 billion in startups since January 2025. The 8.3:1 blended gap tells you the overall story. The category-level ratios tell you where to act.

Cloud security posture management, vulnerability assessment, and cloud workload protection are growing at 2x to 3x the market average but remain underfunded relative to Gartner’s projections. Two categories, firewall equipment and pure-play CASB, have no startup investment at all. Platform vendors are filling gaps through acquisition at a pace that is reshaping every competitive evaluation.

This is the third quarter I have tracked Gartner’s security forecast against independent funding data. The gap between enterprise demand and startup supply keeps widening. Gartner’s 2Q26 forecast lands in July. I will break down the updated Gap Ratios the week it drops. I wrote a shorter editorial take on what these gaps mean for CISO budgets on my Substack.

Source: Gartner, Information Security Market Current Outlook, Worldwide, 1Q26 (G00846158), March 2026. Growth rates in constant currency. Dollar figures in current U.S. dollars. Funding data from CB Insights, Crunchbase, PitchBook, Statista. Cross-referenced against company press releases. Analysis by Software Strategies Blog.

 

Jan 13

Gartner’s 4Q25 Information Security forecast shows 15 categories capturing half of all new security spending through 2029

Gartner's 4Q25 Information Security forecast shows 15 categories capturing half of all new security spending through 2029

Fifteen cybersecurity categories are growing up to three times faster than the overall market, capturing $48.7 billion in new spending by 2029.

That’s nearly half of the $98.4 billion the entire security market will add over the next four years. Cloud Security Posture Management leads the pack at 29.36% CAGR. Cloud Access Security Brokers follow at 24.81%.

Enterprises are fundamentally restructuring their security budgets, and the driver is brutal in its simplicity. Organizations now manage an average of 112 SaaS applications across multiple cloud providers. 82% of misconfigurations are caused by human error, according to Exabeam’s analysis. And Gartner estimates 99% of cloud security failures through 2025 will be the customer’s fault, primarily from these misconfigurations. Manual oversight breaks under this kind of scale. Enterprises are responding by investing in automation that manages what people can’t across hundreds of cloud accounts, thousands of APIs, and millions of attack vectors.

Gartner’s 4Q25 update delivers the clearest signal yet about where enterprise security budgets are heading. The overall information security market grows from $213.5 billion in 2025 to $311.9 billion by 2029 at 10.03% CAGR. These fifteen high-growth categories are expanding at 10.30% to 29.36% CAGR, capturing investment dollars at rates that dwarf legacy security spending patterns.

What makes these categories different

Every high-growth category eliminates manual bottlenecks that break under cloud-native workloads. CSPM scans configurations continuously. CASB provides visibility into unauthorized SaaS usage. ZTNA verifies every connection rather than trusting the network location. With 79% of organizations using multiple cloud providers, according to Spacelift’s research, manual processes create mathematical impossibilities.

These technologies prevent problems rather than clean up after them. CSPM catches misconfigurations before breaches. ZTNA eliminates the attack surface that VPNs create. Tokenization protects data even when systems get compromised. Security teams are finally getting ahead of threats instead of constantly playing catch-up.

And the ROI is quantifiable. IBM’s 2025 Cost of a Data Breach Report shows organizations using AI and automation extensively save $1.9 million per breach and reduce breach lifecycles by 80 days. U.S. breach costs average $10.22 million. These investments pay for themselves with a single prevented incident—a calculation CFOs understand.

Gartner's 4Q25 Information Security forecast shows 15 categories capturing half of all new security spending through 2029

The 15 categories reshaping enterprise security

1. Cloud Security Posture Management (CSPM) — 29.36% CAGR — $4.68B → $12.76B

CSPM platforms scan infrastructure continuously across AWS, Azure, and Google Cloud, automatically remediating misconfigurations before they become breaches. The 82% human error rate isn’t going to improve through training. Organizations managing 100+ cloud accounts need automation. CSPM adds $8.09 billion in new spending by 2029, the single largest dollar contribution among high-growth segments.

2. Cloud Access Security Brokers (CASB) — 24.81% CAGR — $2.30B → $5.58B

Here’s the brutal reality. Enterprises average 112 SaaS applications, but shadow IT accounts for 42% of all applications per JumpCloud’s data. IT stays blind to roughly 78 apps out of an average 187-app environment. The damage? 65% of shadow IT deployments result in data loss, and 52% lead to breaches, according to Mimecast research. CASBs restore visibility and control, growing to $5.58 billion by 2029.

3. Zero Trust Network Access (ZTNA) — 21.95% CAGR — $2.48B → $5.43B

ZTNA replaces the VPN model with application-specific access controls. Instead of network-level access, it provides application-specific connections verified for every request. Gartner predicts 70% of new remote access deployments will use ZTNA by 2025, up from less than 10% at the end of 2021. And 65% of companies plan to retire VPNs within one year per Cybersecurity Insiders data. This represents a wholesale rethinking of secure access. The perimeter-based model is dying. Good riddance.

4. Threat Intelligence — 21.73% CAGR — $2.58B → $5.69B

Modern threat intelligence platforms fuse telemetry from open-source intelligence, dark-web monitoring, vendor feeds, and internal logs. Machine learning prioritizes indicators based on organizational relevance. IBM data shows organizations integrating threat intelligence reduce detection and escalation costs while cutting incidents by 30%. The market reaches $5.69 billion by 2029 as enterprises shift from passive threat feeds to automated response integration.

5. Cloud Workload Protection Platforms (CWPP) — 21.53% CAGR — $5.98B → $13.11B

Traditional endpoint security can’t protect containers that spin up and vanish in seconds. Serverless functions executing for milliseconds? Legacy tools weren’t designed for that. CWPP solutions instrument workloads directly at the kernel or hypervisor level, monitoring system calls, file access, and network connections in real-time. The 21.53% CAGR reflects the rapid shift toward microservices and Kubernetes. As workloads migrate into container clusters, protecting them becomes a survival-level priority.

6. Consent and Preference Management — 20.22% CAGR — $0.81B → $1.64B

GDPR fines surpassed €5.88 billion by January 2025, according to DLA Piper’s annual survey. California’s CCPA penalties keep climbing. The California Privacy Protection Agency recently fined Todd Snyder $345,178 for inadequate opt-out and privacy request processes. Manual consent workflows can’t meet regulatory deadlines across jurisdictions. Automated platforms centralize preferences across web, mobile, and API endpoints while providing auditable logs for regulators.

7. Subject Rights Request (SRR) Automation — 14.26% CAGR — $1.24B → $2.01B

When users demand “delete my data,” these platforms automate orchestration across internal systems and third-party vendors. Privacy laws grant individuals rights to access, correct, and delete personal data with strict compliance timelines. SRR automation prevents the penalties that result from manual processing failures at scale, especially as more jurisdictions implement data privacy regulations.

8. Network Detection and Response (NDR) — 13.44% CAGR — $2.15B → $3.37B

NDR platforms establish behavioral baselines using statistical analysis and machine learning. When anomalies appear (unusual lateral movement, data exfiltration attempts, command-and-control traffic), they raise alerts or automatically isolate systems. The mindset shift matters here. Rather than hoping to prevent all attacks, sophisticated organizations invest in rapid detection that minimizes damage when attackers inevitably breach perimeters. Prevention alone isn’t sufficient anymore.

9. Vulnerability Assessment — 13.02% CAGR — $3.48B → $5.60B

Quarterly vulnerability scans are obsolete in CI/CD pipelines deploying multiple times daily. Modern assessment platforms provide continuous scanning integrated with exploit intelligence to prioritize patches based on real-world risk. DevOps teams need vulnerability detection that keeps pace with their deployment cadence. Anything less creates unacceptable exposure windows.

10. Tokenization — 12.68% CAGR — $1.34B → $2.11B

Tokenization replaces sensitive data with non-reversible tokens that can’t be mathematically decoded. The urgency comes from quantum computing advances. NIST finalized post-quantum encryption standards in August 2024, including ML-KEM (formerly CRYSTALS-Kyber) and ML-DSA (formerly CRYSTALS-Dilithium). Attackers already practice “harvest now, decrypt later”—collecting encrypted data today for quantum decryption within five to ten years. Organizations must begin quantum-safe transitions now.

11. Endpoint Protection Platform (EPP) — 12.51% CAGR — $17.68B → $28.36B

The largest single category adds $10.68 billion in new spending as ransomware attacks surge. U.S. ransomware attacks increased 149% year-over-year—from 152 incidents in early 2024 to 378 in the same period of 2025, according to Cyble analysis. Next-generation EPP platforms use behavioral analytics and signatureless detection to stop ransomware before encryption begins, catching what traditional antivirus misses.

12. Secure Web Gateway (SWG) — 11.63% CAGR — $4.44B → $6.74B

Malicious sites appear and disappear in hours. Cloud-delivered SWGs update threat intelligence in real-time, protecting remote and hybrid workforces wherever they connect. Integration with ZTNA creates comprehensive security that follows users across devices and locations without relying on network perimeters that no longer exist.

13. Web Application Firewalls (WAF) — 10.92% CAGR — $2.48B → $3.74B

Organizations expose hundreds of APIs and microservices—each a potential attack vector. Traditional network firewalls can’t inspect application-layer attacks like SQL injection, cross-site scripting, or API abuse. Modern WAFs use machine learning to differentiate legitimate user behavior from attack traffic without blocking customers. Getting that balance right is harder than it sounds.

14. Encryption — 10.64% CAGR — $1.35B → $1.98B

NIST’s standardization of quantum-resistant algorithms signals the urgency that organizations can no longer ignore. With quantum computing advances accelerating, encrypted data collected today faces decryption within a decade. Enterprises must transition to post-quantum cryptography now because full integration across complex environments takes years. This isn’t theoretical risk anymore.

15. Security Information and Event Management (SIEM) — 10.30% CAGR — $7.60B → $11.15B

AI transforms SIEM from reactive log collection to proactive threat hunting. The latest platforms embed unsupervised machine learning to detect zero-day attacks and automatically enrich alerts with context. Organizations using AI-powered automation save $1.9 million per breach and cut incident lifecycles by 80 days—turning security operations into a competitive advantage rather than a cost center.

Why this matters

Cloud complexity has proven exponential. With 79% of organizations using multiple cloud providers and managing hundreds of accounts, manual security processes break under the load. The 29.36% CAGR for CSPM isn’t market optimism. It’s organizational survival.

Shadow AI joins shadow IT as a core threatscape element. Shadow AI breaches cost $4.63 million—$670,000 more than standard incidents, according to IBM data. But AI also powers the best defenses, with automated security tools reducing breach lifecycles by 80 days. The same technology that creates vulnerabilities offers the most effective countermeasures.

Compliance costs keep accelerating. Between GDPR, CCPA, and emerging global regulations, manual compliance processes create escalating liability. Automated platforms turn regulatory requirements into competitive advantages by reducing fine exposure and accelerating data subject request responses.

Bottom Line

The organizations winning this transformation aren’t those with the largest security budgets. They’re the ones investing in the right categories at the right time. These fifteen segments define what modern security architecture looks like and capture nearly half of all new security spending through 2029.

Gartner’s 4Q25 data delivers a clear message. Security spending is shifting to automation-driven, zero-trust, cloud-native architectures. Organizations still relying on legacy approaches aren’t just falling behind. They’re accepting risks the market has already priced as unacceptable.

Source: Gartner Forecast: Information Security, Worldwide, 2023-2029, 4Q25 Update (Document G00843183, published December 18, 2025), showing overall market growth from $213.5B (2025) to $311.9B (2029) at 10.03% CAGR in constant currency.

 

 

Nov 26

15 fastest-growing security categories in Gartner’s 3Q25 Information Security Forecast

15 fastest-growing security categories in Gartner's 3Q25 Information Security Forecast

Cloud Security Posture Management is growing at a 31.23% CAGR. Zero Trust Network Access at 23.25%. Threat Intelligence at 22.17%. The overall security market? Just 10.55%. Fifteen categories are outpacing the market by two to three times, collectively capturing $106 billion in new spending by 2029. Enterprise security budgets aren’t just expanding. They’re being redirected.

And the driver? Brutally simple.

Gartner estimates 99% of cloud security failures through 2025 will be the customer’s fault, primarily due to misconfigurations. Organizations are responding by investing aggressively in technologies that automate what humans simply can’t manage manually across hundreds of cloud accounts, thousands of APIs, and millions of potential attack vectors.

What these growth rates say about Gartner’s view of the market 

These fifteen categories represent $106.4 billion in new spending by 2029, growing from today’s baseline. What do they have in common? Three characteristics that explain why enterprises are pouring money into them:

  • Automation at Scale. Every high-growth category automates processes that break when done manually, whether it’s scanning cloud configurations, managing consent across jurisdictions, or detecting behavioral anomalies in network traffic. There’s no other way to keep pace.
  • Proactive vs. Reactive. These technologies prevent problems rather than clean up after them. CSPM catches misconfigurations before breaches. ZTNA eliminates the attack surface that VPNs create. Tokenization protects data even if systems are compromised. Security teams are finally getting ahead of the threat curve instead of playing catch-up.
  • Measurable ROI. IBM’s 2025 Cost of a Data Breach Report shows organizations using AI and automation extensively save $1.9 million per breach and reduce breach lifecycle by 80 days. With U.S. breach costs hitting $10.22 million, these investments pay for themselves with a single prevented incident.

15 fastest-growing security categories in Gartner's 3Q25 Information Security Forecast

The 15 categories reshaping security architecture

1. Cloud Security Posture Management (CSPM) | 31.23% CAGR | $2.5B → $13.0B

CSPM tools continuously scan infrastructure across AWS, Azure, and Google Cloud. With 82% of misconfigurations caused by human error and organizations managing 100+ cloud accounts, CSPM automates what’s mathematically impossible to do manually. The market will reach $15.6 billion by 2032.

2. Cloud Access Security Brokers (CASB) | 25.82% CAGR | $1.5B → $5.8B

Here’s a reality check. Enterprises average 112 SaaS applications, but shadow IT, or unauthorized apps, accounts for 42% of all applications. IT remains unaware of one-third of the apps on its networks. The damage? 65% of shadow IT companies suffer data loss, and 52% experience breaches. CASBs transform this chaos into visibility and control.

3. Zero Trust Network Access (ZTNA) | 23.25% CAGR | $1.6B → $5.6B

ZTNA kills the VPN model. Instead of network access, it provides application-specific connections verified for every request. Gartner predicts 70% of new remote access deployments will use ZTNA by 2025. With 65% of companies planning to replace VPNs, this shift represents a wholesale rethinking of secure access. The perimeter-based model is dying. Good riddance.

4. Cloud Workload Protection Platforms (CWPP) | 22.78% CAGR | $3.9B → $13.5B

CWPP platforms secure everything from traditional VMs to containers that exist for milliseconds. Legacy endpoint security can’t protect ephemeral containers or serverless functions—it wasn’t designed for workloads that appear and disappear in seconds. The shift to microservices demands purpose-built security.

5. Consent and Preference Management | 22.39% CAGR | $0.5B → $1.7B

GDPR fines reached €5.88 billion by January 2025, according to the DLA Piper GDPR Fines and Data Breach Survey. California’s CCPA penalties continue climbing; the California Privacy Protection Agency fined Todd Snyder $345,178 for inadequate opt-out and privacy request processes. Manual handling can’t meet regulatory deadlines. Automation prevents massive fines.

6. Threat Intelligence | 22.17% CAGR | $1.8B → $5.8B

IBM data shows threat intelligence reduces detection and escalation costs by $1.63 million while cutting incidents by 30%. Modern platforms aggregate data about bad actors and vulnerabilities, transforming raw threat data into automated responses across security stacks. The days of threat feeds sitting in dashboards, unused, are over.

7. Subject Rights Request Automation | 16.53% CAGR | $0.8B → $2.1B

When users demand “delete my data,” these platforms automate the process across all systems. Manual handling doesn’t scale, not when you’re managing requests across multiple jurisdictions with different requirements and tight deadlines.

8. Tokenization | 14.26% CAGR | $1.0B → $2.2B

Tokenization replaces sensitive data with meaningless tokens that can’t be mathematically reversed. Why the urgency now? NIST standardized quantum-resistant algorithms, including ML-KEM (formerly CRYSTALS-Kyber), in August 2024. Organizations are preparing for quantum threats expected within five to ten years.

9. Network Detection and Response (NDR) | 14.05% CAGR | $1.6B → $3.5B

NDR platforms use AI to establish behavioral baselines and detect anomalies signaling compromise. Here’s the mindset shift: rather than hoping to prevent all attacks, innovative organizations invest in rapid detection that minimizes damage when sophisticated attackers inevitably get through. Prevention isn’t enough anymore.

10. Vulnerability Assessment | 13.98% CAGR | $2.6B → $5.7B

Cloud infrastructure changes constantly. Quarterly scans are obsolete before they finish. Modern platforms provide continuous scanning in CI/CD pipelines, prioritizing based on real-world exploit data. DevOps teams deploying daily need vulnerability detection that keeps pace. Anything less is theater.

11. Endpoint Protection Platform (EPP) | 13.61% CAGR | $13.5B → $29.1B

The largest category doubles to $29.1 billion as ransomware attacks surge. According to Cyble analysis cited by TechTarget, U.S. ransomware attacks increased by 149% year-over-year in the first five weeks of 2025. Manufacturing led targets with 638 attacks in 2023, per Statista data compiled by Fortinet. Next-gen EPP uses behavioral analytics to stop ransomware before encryption begins—catching what traditional antivirus misses.

12. Secure Web Gateway (SWG) | 13.26% CAGR | $3.3B → $7.0B

Malicious sites appear and disappear in hours. Cloud-delivered SWGs update threat intelligence in real-time, protecting remote workers wherever they connect. Integration with ZTNA creates comprehensive security that follows users across devices and locations. The old perimeter? It no longer exists.

13. Web Application Firewalls (WAF) | 11.93% CAGR | $2.0B → $3.8B

Organizations expose hundreds of APIs, each a potential attack vector. Traditional network firewalls can’t inspect application-layer attacks. Modern WAFs use machine learning to distinguish legitimate users from attackers without blocking customers. Getting that balance right is harder than it sounds.

14. Encryption | 11.90% CAGR | $1.0B → $2.0B

NIST’s standardization of quantum-resistant algorithms signals urgency. Attackers already practice “harvest now, decrypt later”—collecting encrypted data for future quantum decryption. Organizations must transition to post-quantum cryptography now, as full integration takes years. This isn’t theoretical risk anymore.

15. Security Information and Event Management (SIEM) | 11.74% CAGR | $5.8B → $11.3B

AI transforms SIEM from reactive to proactive. Organizations using AI-powered automation save $1.9 million per breach, according to IBM’s newsroom. Machine learning models identify attack patterns and detect zero-day threats before signatures exist, turning security operations into a competitive advantage.

The Investment Thesis behind the numbers

These growth rates reflect three converging realities:

  • Cloud Complexity Is Exponential. With 79% of organizations using multiple cloud providers and managing hundreds of accounts, manual security is mathematically impossible. The 31.23% CAGR for CSPM isn’t optimism, it’s survival.
  • AI Changes Everything. Shadow AI breaches cost $4.63 million, $670,000 more than standard incidents. But AI also powers the defense, with automated security tools reducing breach lifecycles by 80 days. The same technology that creates vulnerabilities offers the best defense.
  • Compliance Costs Are Skyrocketing. Between GDPR, CCPA, and emerging regulations, manual compliance is a liability that grows daily. Automation platforms turn regulatory requirements into competitive advantages.

The Bottom Line

The organizations winning this race aren’t those with the most significant security budgets; they’re those investing in the right categories at the right time. These fifteen segments aren’t just growing fast; they’re defining what modern security architecture looks like.

The message from Gartner’s data is unambiguous: security spending is shifting from reactive to proactive, from manual to automated, from perimeter-based to zero-trust. Organizations still relying on legacy approaches aren’t just falling behind; they’re accepting risks that the market has already priced as unacceptable.

Source: Gartner Information Security Forecast 3Q25 Update (Document G00839334), showing overall market growth from $215.8B (2025) to $322.2B (2029) at 10.55% CAGR

Mar 10

Gartner Predicts Solid Growth for Information Security, Reaching $287 Billion by 2027

Gartner Predicts Solid Growth for Information Security, Reaching $287 Billion by 2027

Image created in DALL-E

AI continues to become more weaponized with nation-state attackers and cybercrime gangs experimenting with LLMs and gen AI-based attack tradecraft. The age of weaponized LLMs is here.

At the same time, multi-cloud-based infrastructures more businesses rely on are coming under attack. Exfiltrating any identity data available from endpoints and then traversing a network to gain more access by collecting more credential data is often the goal.

Cyberattacks that combine AI and social engineering are just beginning  

Attackers have a version of human-in-the-middle, too, but their goal is to unleash AI’s offensive attack capabilities within social engineering campaigns. Last year’s social engineering-based attacks on MGM, Comcast, Shield Healthcare Group, and others serve as a case in point.

CrowdStrike’s 2024 Global Threat Report finds that cloud intrusions jumped 75% last year. There was a 76% increase in data theft victims named on data leak sites and a 60% increase in interactive intrusion campaigns. Worse, 75% of attacks were malware-free, making them difficult to identify and stop. There was also a 110% YoY increase in cloud-conscious cases.

PwC’s 2024 Digital Trust Insights Report finds that 97% of senior management teams have gaps in their cloud risk management plans. 47% say cloud attacks are their most urgent threat. One in three senior management teams is prioritizing cloud security as their top investment this year.

Gartner sees a more complex threatscape driving growth

Gartner’s Forecast: Information Security and Risk Management, Worldwide, 2021-2027, 4Q23 Update report predicts the information security and risk management market will grow from $185 billion in 2023 to $287 billion in 2027, attaining a compound annual growth rate of 11% in constant currency.

Nation-state attackers are picking up the pace of their stealthy AI arms race. They’re looking to score offensive first victories on an increasingly active digital battlefield. Gartner predicts that in 2027, 17% of the total cyberattacks and data leaks will involve generative AI.

Another key assumption driving Gartner’s latest forecast is that by 2025, user efficiency improvements will drive at least 35% of security vendors to offer large language model (LLM)-driven chat capabilities for users to interact with their applications and data, up from 1% in 2022.

Gartner has also factored in the surge in cloud attacks and the continued growth of hybrid workforces. One of their key assumptions driving the forecast is that “by the end of 2026, the democratization of technology, digitization, and automation of work will increase the total available market of fully remote and hybrid workers to 64% of all employees, up from 52% in 2021.”

Gartner Predicts Solid Growth for Information Security, Reaching $287 Billion by 2027

Source: Gartner, Forecast Analysis: Information Security and Risk Management, Worldwide, Published February 29, 2024

Source: Gartner, Forecast Analysis: Information Security and Risk Management, Worldwide, Published 29 February 2024

Key takeaways from Gartner’s forecast

Market subsegments predicted to see the most significant growth through 2027 include the following:

  • Gartner has high expectations for Zero Trust Network Access (ZTNA) growth, stating the worldwide market was worth $575.7 million in 2021 and predicting it will soar to $3.99 billion in 2027, attaining a 31.6% CAGR in the forecast period.
  • Identity Access Management (IAM) is predicted to grow from $4 billion in 2021 to $11.1 billion in 2027, attaining a 17.6% CAGR. Identity Governance and Administration software is predicted to grow from $2.8 billion in 2021 to $5.77 billion in 2027, attaining a 12.8% CAGR.
  • Endpoint Protection Platforms (EPP) are predicted to grow from $9.8 billion in 2021 to $26.9 billion in 2027, achieving a 17.2% CAGR.
  • Threat Intelligence software is predicted to grow from $1.1 billion in 2021 to $2.79 billion in 2027, growing at a 15.6% CAGR through the forecast period.
  • Cloud Access Security Brokers (CASB) is predicted to grow from $928M in 2021 to $4.75 billion in 2027, attaining a CAGR of 30.2%. Gartner believes that the market share of cloud-native solutions will continue to grow. They are predicting that the combined market for cloud access security brokers (CASBs) and cloud workload protection platforms (CWPPs) will reach $12.8 billion in constant currency by 2027, up from $4.6 billion in 2022. Gartner continues to also see strong demand for cloud-based detection and response solutions that include endpoint detection and response (EDR) and managed detection and response (MDR).