Gartner Forecasts Spending on Information Security in India to Grow 16% in 2025; Indian CISOs Must Adopt Collaborative Risk Management for Secure AI Transformation in 2025
FinTech BizNews Service
MUMBAI, March 11, 2025 — End-user spending on information security in India is projected to total $3.3 billion in 2025, an increase of 16.4% from 2024, according to a new forecast from Gartner, Inc.
“Persistent security challenges, such as data sprawl from generative AI (GenAI) use, ransomware attacks, evolving regulatory landscapes, and robust cloud adoption are driving Indian enterprises to increase their information security spending across all segments in 2025,” said Shailendra Upadhyay, Sr Principal at Gartner. “These urgent challenges necessitate real-time threat detection and incident response across hybrid ecosystems.”
“Consequently, chief information security officers (CISOs) in India are prompted to focus on strategic investments in cloud security, access management, and data security and privacy to strengthen organization’s security posture and support business resilience.”
Gartner analysts are discussing key strategies and the latest cybersecurity technologies to navigate the evolving threat landscape and enhance business resilience at the Gartner Security & Risk Management Summit, taking place here through today.
Building on the momentum from the previous year, security services is projected to record the highest growth among all segments, with an expected 19% increase in 2025 (see Table 1).
Information Security End-User Spending for All Segments in India, 2024-2025 (Millions of U.S. Dollars)
Segment |
2024 Spending | 2024 Growth (%) |
2025 Spending | 2025 Growth (%) |
Network Security | 395 | 10.1 | 448 | 13.3 |
Security Services | 1,346 | 18.8 | 1,602 | 19.0 |
Security Software | 1,131 | 15.2 | 1,294 | 14.4 |
Total | 2,872 | 16.1 | 3,344 | 16.4 |
Source: Gartner (March 2025)
“Organizations are increasingly using managed security functions from specialized agencies to increase focus on their own core operations,” said Upadhyay. “The burgeoning demand for security services is further amplified by a shortage of skilled security professionals, making it challenging to secure and retain in-house expertise. Consequently, reliance on external service providers is expected to rise in 2025 and beyond, fueling the growth of the security services industry.”
Gartner predicts that by 2028, 40% of IT services contracts will include a security component.
Security software spending is projected to reach $1.2 billion in 2025, driven by organizations’ efforts to simplify management through platform consolidation and the rising demand for cloud security amid India’s growing digital startup ecosystem that is dependent on cloud.
“The integration of generative AI models in enterprise applications introduces new data leakage concerns and AI application vulnerabilities, prompting greater investment in security software subsegments such as application security, cloud security, data security, privacy, and infrastructure protection, further fueling the growth of this sector,” said Upadhyay.
Key Cybersecurity Trends to Watch in 2025
In 2025, Indian CISOs will navigate a cybersecurity landscape shaped by GenAI integration and the need to enhance business agility and organizational resilience.
“AI is transforming cybersecurity by decentralizing decision rights and accountability,” said Abhyuday Data, Director Analyst at Gartner. “As business leaders increasingly use AI to drive strategic value, security and risk management (SRM) leaders must embrace collaborative risk management. This approach strengthens cyber risk ownership and ensures data readiness and security for AI initiatives.”
To effectively navigate the challenges of a constantly evolving threat landscape, widening talent gaps, and increasing regulatory oversight, Indian CISOs must prioritize two key cybersecurity trends:
Gartner analysts recommend investing in synthetic data tools as a replacement for traditional anonymization methods, which helps reduce privacy risks and ensure compliance.
Gartner predicts that by 2026, 75% of organizations with GenAI initiatives will shift their spending focus from structured to unstructured data security. This anticipated shift suggests that SRM leaders should reallocate resources to enhance protection for both data types. Furthermore, by leveraging technologies like data security posture management (DSPM), organizations can improve data cataloging, monitoring, and governance, thereby effectively supporting GenAI use cases.
“To foster cyber resilience, security leaders must transition from a zero-tolerance-for-failure mindset to measuring cybersecurity success by the sustained achievement of business outcomes,” said Data. “Enhancing resilience involves implementing cyber deterrence measures and building strong cyberstorage capabilities to actively defend storage systems and data from cyber attacks.”
