Worldwide Security Governance, Risk, and Compliance Services and Software Forecast, 2025–2029

This IDC study presents a five-year forecast and contains IDC's best estimate for the governance, risk, and compliance services and software market for the 2025–2029 period. In addition, this study discusses the drivers and dynamics that had an impact on the global security governance, risk, and compliance professional services and software markets in 2024 and provides insight into future trends that may influence market demand over the 2025–2029 period."Governance, risk, and compliance services and software continue to be the top investment areas for organizations," says Phil Harris, research director, Governance, Risk, and Compliance Services, IDC. "Both IT and the business are gaining clarity about the ever-changing cyberattack environment, the impacts of AI on their organizations, and the critical impact to the ongoing viability of their organizations. Business and IT recognize the need to prioritize cybersecurity as a mandate and keep senior management, and the board, informed as to the status of the program, and seek software that does more of the 'heavy lifting.' While the overall cybersecurity GRC market has experienced robust growth over the past several years and budgets are tightening, organizations continue to see value in both GRC services and software, which is evidenced in continued investment. I am glad to see that managed GRC service growth is on the rise to aid organizations in fast-tracking their GRC programs. CISOs must step up their game in executive and board settings to engage them in constructive dialog that has them become contributors to the direction of cybersecurity rather than passively listening."