The latest report from market analyst Gartner reveals that worldwide spending on security will increase by 4.7% to reach US$75.4 billion in 2015, with security testing, IT outsourcing, and identity and access management presenting the biggest growth opportunities for technology providers.
Gartner acknowledges that the global security forecast is lower than previously forecast “as mature security technologies are becoming commoditised”.
According to Gartner, despite significant slowing in the Chinese and South Korean economies, the overall outlook for the Asia/Pacific region remains positive.
"Interest in security technologies is increasingly driven by elements of digital business, particularly cloud, mobile computing and now also the Internet of Things, as well as by the sophisticated and high-impact nature of advanced targeted attacks," said Elizabeth Kim, research analyst at Gartner.
According to Kim, this focus is driving investment in emerging offerings, such as endpoint detection and remediation tools, threat intelligence and cloud security tools, such as encryption.
Kim says, however, that strength in these emerging segments cannot compensate for the downgrade of the larger mature segments being commoditised.
Gartner also reports that increased legislation continues to be a driver for security spending in some countries, including Poland, the Czech Republic, Hungary, Romania and South Africa.
Here’s what Gartner has to say on some of the other trends in the information security market behind its latest forecasts:
• Price increases of as much as 20% will drive organisations to forgo security purchasing in 2015, especially in Europe.
As most products in security originate from the U.S., its dollar appreciation will trigger significant price changes in the conversion from local currencies to U.S. dollars. Pricing went up as much as 20% for most security products in the European region, for example. Gartner expects the main customer response will be to forgo some spending for the next quarter or so. The rebound of 2016 will be due to a combination of deferred purchases realised in 2016 and the stabilisation of currency exchange rates from 2016 onward.
• Growth in the enterprise content-aware data loss prevention (DLP) market will see constriction of growth of 4% to 5%through to the end of 2019.
Gartner market share data shows the stable performance of the top vendors in this segment in 2014. Given the rise of channel DLP (C-DLP) and "DLP lite" solutions, Gartner expects that the market will not exhibit such strong growth in its current form in coming years. Most established vendors in this space are transforming the way they deliver comprehensive DLP capabilities, and this transition period will likely impact growth in coming years.
• Through to the end of 2020, fewer than 5% of network security vendors will gain traction in the endpoint protection platform (EPP) market.
EPPs demonstrate the desire by organisations to have as few agents as possible on endpoints. Additional agents incur greater risk of interfering with applications, complicating support resolution with additional alerts, and having to update and deploy products. In most cases, EPP and network security have unique buying and operations centers with different selling channels. Historically, there are few exceptions of vendors having success that crosses the endpoint/network operations line (other than VPN agents), but there are many examples of vendors withdrawing from the other market.
• Fewer than 5% of organisations with more than 500 employees will purchase unified threat management (UTM) solutions for their branch offices by 2019.
Enterprise firewalls and UTM remain distinct products and markets, and despite their lower price point, the demand for UTM appliances will continue to be restricted to the small or midsize business (SMB) market. Gartner expects enterprises to predominantly continue to use routers and Multiprotocol Label Switching (MPLS) links to connect their smallest branches to regional centers.
• By 2018, 85% of new deals for network sandboxing functionality will be packaged with network firewall and content security platforms.
For the past three years, lean-forward organisations have been wary of an advanced-threat environment in which bad actors innovate faster than traditional blocking mechanisms, such as firewalls, intrusion prevention systems (IPSs) and secure Web gateways, can react. In response, the most widely adopted advanced-threat detection technique deployed is network malware sandboxing, which has appealed to well-staffed incident response teams. Recently, several high-profile breaches have broadened the perceived need for zero-day malware detection in a sandbox, but it can increase costs for the midsize or understaffed security client. Incumbent security platform vendors introduced less costly, often cloud-based, malware detonation sandboxes as platform extensions.