The end-user spending on information security in the country is projected to rise 16.4% year-on-year to $3.3 billion in 2025, according to a new forecast from Gartner.
“Persistent security challenges, such as data sprawl from generative AI (GenAI) use, ransomware attacks, evolving regulatory landscapes, and robust cloud adoption are driving Indian enterprises to increase their information security spending across all segments in 2025,” said Shailendra Upadhyay, senior principal at Gartner. “These urgent challenges necessitate real-time threat detection and incident response across hybrid ecosystems.”
He added, “Consequently, chief information security officers (CISOs) in India are prompted to focus on strategic investments in cloud security, access management, and data security and privacy to strengthen organisation’s security posture and support business resilience.”
Gartner analysts are focusing on key strategies and the latest cybersecurity technologies to navigate the evolving threat landscape and enhance business resilience at the Gartner Security & Risk Management Summit in Mumbai.
Building on the momentum from the previous year, security services is projected to record the highest growth among all segments, with an expected 19% increase in 2025. According to Gartner, network security spending is expected to rise 13.3% to $448 million in 2025, security services by 19% to $1.6 billion, and security software by 14.4% to $1.2 billion.
“Organisations are increasingly using managed security functions from specialised agencies to increase focus on their own core operations,” said Upadhyay. “The burgeoning demand for security services is further amplified by a shortage of skilled security professionals, making it challenging to secure and retain in-house expertise. Consequently, reliance on external service providers is expected to rise in 2025 and beyond, fuelling the growth of the security services industry.”
Further, Gartner predicts that by 2028, 40% of IT services contracts will include a security component.
Security software spending is projected to reach $1.2 billion in 2025, driven by organisations’ efforts to simplify management through platform consolidation and the rising demand for cloud security amid India’s growing digital startup ecosystem that is dependent on cloud.
Key cybersecurity trends to watch in 2025
In 2025, Indian CISOs will navigate a cybersecurity landscape shaped by GenAI integration and the need to enhance business agility and organisational resilience.
“AI is transforming cybersecurity by decentralising decision rights and accountability,” said Abhyuday Data, Director Analyst at Gartner. “As business leaders increasingly use AI to drive strategic value, security and risk management (SRM) leaders must embrace collaborative risk management. This approach strengthens cyber risk ownership and ensures data readiness and security for AI initiatives.”
GenAI is also transforming data security programs in three key dimensions: prioritizing synthetic over obfuscated data for training, shifting focus from structured to unstructured data security, and the need to assess GenAI’s data security posture.
Gartner analysts recommend investing in synthetic data tools as a replacement for traditional anonymization methods, which helps reduce privacy risks and ensure compliance.
Further, Gartner predicts that by 2026, 75% of organizations with GenAI initiatives will shift their spending focus from structured to unstructured data security. This anticipated shift suggests that SRM leaders should reallocate resources to enhance protection for both data types.
