IDC: China's cybersecurity market is expected to reach US$17.8 billion in 2029 with a five-year compound growth rate of 9.7%
The Zhitong Finance App learned that IDC recently released the 2025 V2 “Global Cybersecurity Spending Guide”. According to IDC data, the total global cybersecurity IT investment in 2024 was US$244.4 billion, and is expected to increase to US$416.2 billion in 2029, with a five-year compound growth rate (CAGR) of 11.2%. IDC predicts that China's cybersecurity market will grow from US$11.2 billion in 2024 to US$17.8 billion in 2029, with a five-year compound growth rate of 9.7%.
China Cybersecurity Market Insights
IDC pointed out that the “three laws and one rule” legislative framework has enabled the country to continuously improve its policies and regulations on cybersecurity, data security, personal information protection, etc., and China's cybersecurity market will become more mature in the future. Among them, the five-year compound growth rate of the cybersecurity software market was 13.7%, making it the fastest growing sub-market in the Chinese cybersecurity market.
Focusing on the cybersecurity hardware market, generative AI has provided stronger support for improving the performance of security hardware products, and frequent threat attacks have also boosted the growth of cybersecurity hardware investment. IDC predicts that the market share of unified threat management will continue to rise, accounting for nearly 70% of the security hardware market investment. However, the hardware firewall market is showing a trend of shrinking year by year, and its share may be scarce.
In the cybersecurity software market, information and data security software became the largest sub-market for security software with a five-year compound growth rate of 18.1%. Under the digital wave, the value of data as a core factor of production is gradually increasing, and the associated security risks are also showing a trend of complexity and diversification. In order to improve the confidentiality, integrity and usability of data, enterprises are strategically restructuring data protection systems and strengthening technical protection measures and management mechanisms. In this context, the market for data security software is growing steadily.
In the network security service market, security services defined by IDC are composed of managed security services, project services, and support services. In market segments, policy compliance requirements and increased corporate security awareness have boosted the demand for managed security services, with a five-year compound growth rate of 12.8%.
Industry insights
In terms of end user investment, government (Government), financial services (Financial Services), and telecommunications (Telecommunications) are still the top three cybersecurity spending industries, accounting for 25.4%, 16.8%, and 15.4% of the spending in 2024, respectively. Due to data sensitivity, industries such as government, financial services, and telecommunications have more urgent needs for cybersecurity and need to establish multi-level security protection systems, so nearly 60% of cybersecurity spending comes from these end users.
Focusing on the manufacturing industry, investment in the high tech and electronics (High Tech and Electronics) industry is growing rapidly among the relevant segments of the manufacturing industry. The increase in the penetration of digital technology has led to an increase in connected devices, and the demand for data security and intellectual property protection has also driven the growth of security investment in this segment. IDC predicts that the five-year compound growth rate of the high-tech and electronic products industry will reach 12.5%.
Business size insight
The size of an enterprise as defined by IDC is divided into Very Large Business (1000+)), Large Business (500-999), Medium Business (100-499)), Small Business (10-99)), Small Office (1-9), and Consumer (Consumer). In the cybersecurity market, end users are still dominated by very large enterprises, accounting for nearly 70% of the total investment in the market. In recent years, with the spread of cybersecurity awareness and frequent threat attacks, small and medium-sized enterprises have also gradually increased their investment in cybersecurity. IDC predicts that the five-year compound growth rate for midsize enterprises will reach 11.1%.
Zhang Wenhui, an enterprise-level analyst at IDC China, said that with the rapid development of emerging technologies such as generative AI, the new security risks and challenges associated with it have become prominent, further increasing the value of cybersecurity in ensuring business continuity and core assets. Currently, enterprises and government departments are paying more and more attention to cybersecurity. On the one hand, the regulatory system continues to be improved at the national level. More mature and detailed regulatory requirements and compliance standards have been formed around the “Cybersecurity Law” and “Data Security Law”, and dynamic supervision requirements have been continuously strengthened in line with technological developments, which has significantly enhanced the operability and enforceability of enterprises at the compliance level. On the other hand, in addition to meeting basic compliance, enterprises are speeding up the construction of a security resilience system covering the entire life cycle of data, considering security capabilities as core business support, and significantly increasing resource preferences in advanced security technology, professional talent cultivation, and security services. Looking forward to the future, driven by both policy drive and enterprise endogenous security requirements, AI-based intelligent security solutions will continue to expand application scenarios and become an important driving force for the steady growth of the cybersecurity software market.