Global spending on security and risk management is projected to reach $215 billion next year, a 14% year-over-year increase from 2023, Gartner said Thursday in its latest forecast on the sector.

Security services, the industry’s largest segment spanning consulting, IT outsourcing, implementation and hardware support, will account for 42% of all spending. The segment will rise 11% to $90 billion next year, according to Gartner. The next largest segments, infrastructure protection and network security endpoint, are expected to capture $33.3 billion and $24.3 billion, respectively.

“In light of cyber risks increasing, cyberthreats proliferating and a changing operating environment, it is more critical than ever for organizations to build and optimize a cybersecurity program,” Shailendra Upadhyay, senior research principal at Gartner, said in a research note.

A Moody’s survey of more than 1,700 rated debt issuers underscores the increased investments organizations are making in cybersecurity in response to regulatory requirements and increased cyber risk.

Cybersecurity spending levels increased 70% from 2019 to 2023, according to Moody’s 2023 cyber survey.

The share of technology funds allocated to cybersecurity is also growing. Organizations said they devoted 8% of their technology budgets to cybersecurity in 2023, up from 5% in 2019, according to Moody’s 2023 cyber survey.

While budgets have grown, “advanced cyber practices remain out of reach for many issuers, and survey responses raise questions about the effectiveness of some cyber initiatives,” Leroy Terrelonge, VP analyst of cyber credit risk at Moody’s, said in a statement.

“Companies and organizations also face lurking challenges, including a growing cybersecurity talent shortage and the advent of generative AI, which will introduce new risks,” Terrelonge said.