Enterprises are increasing their spending on professional and managed security services. According to ESG Research, 58% of security professionals say that their organization\u2019s use of managed and\/or professional services for information security has \u201cincreased substantially\u201d or \u201cincreased somewhat\u201d over the past 2 years.Just what types of services are they consuming? The list is long and diverse, but according to ESG Research, the top 5 categories are as follows:\u2022 33%: Security architecture and infrastructure design (i.e. professional\/consulting services)\u2022 30%: Threat intelligence services\u2022 30%: Network monitoring services\u2022 30%: Security \/risk management \/regulatory compliance assessment\u2022 29%: Web threat managementBeyond this, they are also purchasing services for email security, vulnerability scanning, penetration testing, and staff augmentation amongst other things.Large organizations typically consume IT services a number of reasons. At the one extreme, they outsource mundane tasks rather than take these on themselves. At the other end of the spectrum, they seek out specialized skills for more esoteric high-value activities. Somewhere in the middle, they purchase services to supplement what they are doing in house. The ESG Research indicates that enterprises are most interested in supplementing internal efforts and paying for outside security expertise. Given the combination of a security skills shortage and the increasingly sophisticated threat landscape, it is highly likely that the security services segment will see healthy growth over the next few years.