IDC’s recent market sizing for security software in Western Europe (see here), published in August 2016, shows that the market passed the $5bn mark for 2015 – the latest full year on record. What is more, continuing growth is set to take the market’s value past $7bn by 2020. This landmark achievement provides an opportunity to pause for thought and consider the factors that have taken the market to this point, and drive growth through to the end of the forecast period.
Security is gaining share of the total Western European software market, and it is IDC’s view that this is the result of three key ‘meta-trends’ that are driving the security industry overall:
- With the growing scale of the threat landscape, the number of threat actors is increasing, and so too is the sophistication of their attacks.
- Enterprises face a growing burden of regulatory requirements for security and data privacy, the most prominent in Europe being the EU’s General Data Protection Regulation (GDPR).
- The growing number of digital transformation and Internet of Things (IoT) initiatives being launched by Western European enterprises causes the concept of a ‘secure perimeter’ to disappear, and also increases their ‘attack surface’.
While these factors are causing the security software market as a whole to grow, it would be a mistake to view this strong performance as being uniform across all segments. In fact, there are elements of the market that are showing sluggish performance or even shrinking. These struggling segments tend to be those that are dealing with fundamental transitions. A good example here is the messaging security space, where the shift towards SaaS delivery has caused the market to decline for several years.
However, where there is disruption there is opportunity: IDC’s expectation for the messaging security market is that the opportunity to supplant on-premise environments with cloud-based alternatives will return the market to growth by 2019. In fact, IDC expects the volume of public cloud software (PCS) within the Western European security software market to surpass on-premise software this year. The continuing growth of PCS messaging is expected to counter-balance the decline of on-premise before the end of the forecast period through to 2020.
Growth is also on offer thanks to a shift in mind-set amongst security software buyers. The scale of the challenge represented by the three ‘meta-trends’ set out above means that traditional, reactive approaches to security alone are no longer sufficient to deal with the challenge. For example, Symantec’s 2016 threat report (see here) states that more than a million new malware variants are being released daily. The ability to counter-act these through signature-based solutions such as anti-malware products is no longer sufficient in its own right.
That is not to say that signatures are defunct. In fact, in combination with more pro-active approaches they continue to perform an important role: automating the elimination of known threats. However, with the number of unknown threats growing radically, Further support is required. This is where more proactive approaches that detect and respond unknown threats come into the equation. These solutions tend to harness context and behavior, seeking unusual and unwanted behavior to provide indications of compromise. These solutions tend to fit within the IAM and SVM segments, driving strong growth.
A final key point driving security software growth is the pressure that the three meta-trends place on enterprises’ security personnel. The scale of the challenges that those three factors represents places a growing burden on security resources, meaning that ‘business as usual’ is no longer sufficient. While an increasingly common reaction to this resource pressure is to consider the services of a managed security service provider (MSSP), security software can help to ease the pain through the automation of processes. This is giving rise to interest in orchestration, automation and management tools that can help to enact resolutions to IoCs while reducing the burden on human resources. This allows scarce human resources to focus on higher-priority activities that require greater levels of human input.
The scale and scope of the threat landscape continuing to outpace the reactions of the market to handle them. Consequently, IDC expects the security software market to continue growing as enterprises continue to seek solutions that reduce the burden on scarce resources and to prevent data breaches from becoming data losses (two separate concepts). Under current conditions, IDC’s forecast shows the market passing the $7bn mark by the end of the forecast period in 2020.
If you want to learn more about European Security Software or any other Security related research for the upcoming future, please contact Dominic Trott.