Risk
9/22/2009
09:28 PM
George V. Hulme
George V. Hulme
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Security Software Market Remains Strong

While the growth of the security software market took a hit this year, along with most every other market segment, it's still pegged to grow 8 percent, year over year, according to a market research firm. There's also stronger growth ahead.

While the growth of the security software market took a hit this year, along with most every other market segment, it's still pegged to grow 8 percent, year over year, according to a market research firm. There's also stronger growth ahead.Market research firm Gartner Inc. says that the global security software market will tally $14.5 billion this year. That's up 8% from 2008, which saw this segment grow by 19%. The good news is that, for 2010, Gartner predicts double-digit growth to return, with a 13% sequential increase over 2009 to reach $16.3 billion.

Here's what Ruggero Contu, principal research analyst at Gartner had to say in a statement:

"Although the worldwide security software market is affected by the economic downturn, the growth will continue to be strong in 2009 as security remains a critical area where drastic cuts cannot be afforded," s the medium term, the greatest growth opportunities will come from software as a service (SaaS), appliance based offering and small and medium businesses (SMBs), which are in security catch-up mode compared with large companies and therefore spend a higher percentage of their budgets on security."

Not much to nitpick with there. SMBs will be spending more, because in the years past they've, generally, spent so little on IT security. I have to add that the healthcare market, which is rapidly moving to electronic health records, will have to also step up and spend more when it comes to IT security. I expect significant incremental security spend from the healthcare vertical.

As for SaaS taking much of the growth, we've known that for some time and covered this trend in Symantec Buys MessageLabs: SaaS Security Ready To Rock , Identity Management as a Service, and Security Continues Its Drive Toward The Cloud.

The rest of Gartner's statement rehashed the security vendor consolidation of 2008, and the move toward multi-featured integrated security products. Not much new insight there. That's been going on for years, and will continue to be the case for the foreseeable future. Continue to expect the big vendors to buy the well-run startups with good ideas, and keep looking for true innovation from the scrappy security startups.

As for IT security budgets: keep them tight and aligned with the bigger business objectives.

For my mobile and technology observations, consider following me on Twitter.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7392
Published: 2014-07-22
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.

CVE-2014-2385
Published: 2014-07-22
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter t...

CVE-2014-3518
Published: 2014-07-22
jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to exec...

CVE-2014-3530
Published: 2014-07-22
The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 5.2.0 and 6.2.4, expands entity references, which allows remote attackers to read arbitrary code and possibly have other unspecified impact via...

CVE-2014-4326
Published: 2014-07-22
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.