Risk
9/22/2009
09:28 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Security Software Market Remains Strong

While the growth of the security software market took a hit this year, along with most every other market segment, it's still pegged to grow 8 percent, year over year, according to a market research firm. There's also stronger growth ahead.

While the growth of the security software market took a hit this year, along with most every other market segment, it's still pegged to grow 8 percent, year over year, according to a market research firm. There's also stronger growth ahead.Market research firm Gartner Inc. says that the global security software market will tally $14.5 billion this year. That's up 8% from 2008, which saw this segment grow by 19%. The good news is that, for 2010, Gartner predicts double-digit growth to return, with a 13% sequential increase over 2009 to reach $16.3 billion.

Here's what Ruggero Contu, principal research analyst at Gartner had to say in a statement:

"Although the worldwide security software market is affected by the economic downturn, the growth will continue to be strong in 2009 as security remains a critical area where drastic cuts cannot be afforded," s the medium term, the greatest growth opportunities will come from software as a service (SaaS), appliance based offering and small and medium businesses (SMBs), which are in security catch-up mode compared with large companies and therefore spend a higher percentage of their budgets on security."

Not much to nitpick with there. SMBs will be spending more, because in the years past they've, generally, spent so little on IT security. I have to add that the healthcare market, which is rapidly moving to electronic health records, will have to also step up and spend more when it comes to IT security. I expect significant incremental security spend from the healthcare vertical.

As for SaaS taking much of the growth, we've known that for some time and covered this trend in Symantec Buys MessageLabs: SaaS Security Ready To Rock , Identity Management as a Service, and Security Continues Its Drive Toward The Cloud.

The rest of Gartner's statement rehashed the security vendor consolidation of 2008, and the move toward multi-featured integrated security products. Not much new insight there. That's been going on for years, and will continue to be the case for the foreseeable future. Continue to expect the big vendors to buy the well-run startups with good ideas, and keep looking for true innovation from the scrappy security startups.

As for IT security budgets: keep them tight and aligned with the bigger business objectives.

For my mobile and technology observations, consider following me on Twitter.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
The Impact of a Security Breach 2017
The Impact of a Security Breach 2017
Despite the escalation of cybersecurity staffing and technology, enterprises continue to suffer data breaches and compromises at an alarming rate. How do these breaches occur? How are enterprises responding, and what is the impact of these compromises on the business? This report offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.