Cybersecurity will remain a top priority for most organisations in 2020 as threats and vulnerabilities persist and compliance, regulations and ecosystem requirements strengthen, Canalys said in a statement.
It underpinned the mass shift to remote working during lockdown by securing newly provisioned endpoints, providing secure access to corporate resources and extending perimeter defences beyond physical corporate networks, the statement added.
"The shift to subscriptions will shield cybersecurity from immediate IT spending cuts, but additional expenditure will be affected for the rest of the year as organisations begin the next stage in their response to the pandemic," Matthew Ball, chief analyst at Canalys, said.
He added that the switch from free trials to paid subscriptions will be a factor in maintaining cybersecurity growth.
"But the mix of cost containment measures, workforce reduction and cash flow issues will result in greater scrutiny of existing projects and smaller deals. Delays and cancellations of new initiatives will increase, except those that enable cost reductions and secure high-priority digital transformation initiatives," he said.
Endpoint security is expected to see high growth rates (8.5 per cent), as remote working practices are extended, though momentum could slow after strong investment in the first quarter, especially in SMB customer segments.
Network security will remain the largest segment, at 36 per cent of spending. But, the reprioritisation of budgets will defocus spending on traditional appliance-based perimeter defences and lead to negative growth rates (-0.9 per cent).
"Organisations will have to boost spending in other areas of their security stack to address new vulnerabilities created by a more decentralised workforce through multi-layer prevention plus detection and response. This will incorporate web and email security, data security, and vulnerability and security analytics," the statement said.
Spending will also shift to cloud deployment options and securing cloud-deployed workloads as organisations optimise business continuity measures and accelerate cloud migration, Canalys said.
Ketaki Borade, the research analyst at Canalys, said hackers continue to target organisations and individuals by compromising unsecured and poorly trained remote workers via numerous vectors, including email, social engineering and RDP (Remote Desktop Protocol) brute force attacks.
"Organisations will have to re-assess changes to workflows, application use, customer engagement and training for cybersecurity awareness in a more virtual workplace," Borade added.