IDC Reports Security Market to Reach $905 million by 2014
FRAMINGHAM, Mass. – A continually evolving breed of unknown, persistent, targeted, and adaptive security threats is pushing businesses' enterprise IT/security infrastructure to their limits and driving the expansion of the security services threat intelligence market.
According to new research from International Data Corporation (IDC), this emerging predictive security market is forecast to grow from $198 million in 2009 to $905 million in 2014 as organizations struggle to keep pace.
The security services threat intelligence market is made up of advanced security event monitoring and management technologies that incorporate a variety of threat-related information sources to develop predictive security. However, emerging Web application and other difficult-to-detect attacks are changing the security protection landscape and, subsequently, enterprise security posture. To ensure that enterprise network, application, data and endpoints can remain secure (clean of malware and breaches), anti-malware products and services are evolving to deal with these threats and reducing reliance on general signatures by instead adopting other forms of detection.
"Businesses are struggling to protect themselves as these outside threats become more resistant to signature-based security tools," said Christine Liebert, senior analyst, Security Services. "It's becoming clear that many of these emerging treats cannot be defended against in-house, creating a shift in security posture toward being more proactive."
Additional highlights from IDC's security services threat intelligence research include the following:
- Many organizations, despite having implemented some of the more standard countermeasures (i.e., firewalls, antivirus, IDs) still do not have visibility across their environment to understand what is happening at any given time.
- Attacks are becoming shorter (lasting less than a couple of hours or only a few minutes) and more highly targeted (e.g., specific URL, person, company, or IT asset), further complicating detection, mitigation, and remediation.
- Signature-based tools (antivirus, firewalls, and intrusion prevention) are only effective against 30–50 percent of current security threats.
- Security services threat intelligence products and services grew 65 percent year over year in North America from 2010 to 2011 as enterprises looked to proactively monitor and mitigate malicious network traffic.
- Over the past five years, attackers have enlarged their scope to include commercial SMBs offering high-value targets (e.g., financial information, intellectual property, and other proprietary data).
The IDC study, Worldwide and U.S. Security Services Threat Intelligence, 2011-2014 Forecast: Out of the Basement and into the Clouds, discusses the security services threat intelligence market, which is made up of advanced security event monitoring and management technologies that incorporate a variety of threat-related information sources to develop predictive security. The research contains a forecast through 2014 as well as profiles of 11 vendors competing in this space.