Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

6/11/2013
08:08 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Gartner: Worldwide Security Market To Grow 8.7 Percent In 2013

Three main trends shaping the security market moving forward

NATIONAL HARBOR, MD., June 11, 2013 -- As companies continue to expand the technologies they use to improve their overall security, the worldwide security technology and services market is forecast to reach $67.2 billion in 2013, up 8.7 percent from $61.8 billion in 2012, according to Gartner, Inc. The market is expected to grow to more than $86 billion in 2016.

Gartner analysts discussed the outlook for the security market at the Gartner Security & Risk Management Summit, being held here through Thursday.

"With security being one of the top IT concern areas, the prospect of strong continued growth is assured," said Ruggero Contu, research director at Gartner. "The consistent increases in the complexity and volume of targeted attacks, coupled with the necessity of companies to address regulatory or compliance-related issues continue to support healthy security market growth."

Gartner analysts see three main trends shaping the security market moving forward -- mobile security, big data and advanced targeted attacks.

Bring your own device (BYOD) is a megatrend that will have a far-reaching influence on the entire security industry. Changes in how security addresses BYOD leaves several opportunities for technology service providers (TSPs). Firstly, with the shift from device security to app/data security there is a chance for some security TSPs to capture endpoint protection budgets. Secondly, since some BYOD projects are centered on the productivity gains of one to two apps, there could be buying centers adding security outside of traditional information technology centers. Finally, being able to understand the device type and how your users are computing today is just as important as who they are. An opportunity exists for those able to determine that context, and provide it for other points of influence, such as the network or applications.

The amount of data required for information security to effectively detect advanced attacks and, at the same time, support new business initiatives, will grow rapidly over the next five years. This growth presents unique challenges when looking for patterns of potential risk across diverse data sources. However, big data, in and of itself, is not the goal. Delivering risk-prioritized actionable insight is.

"To support the growing need for security analytics, changes in information security people, technologies, integration methods and processes will be required, including security data warehousing and analytics capabilities, and an emerging role for security data analysts within leading-edge enterprise information security organizations," said Eric Ahlm, research director at Gartner.

When examining the advanced targeted attack (ATA), and the new methods being used to breach today's security controls, it can be distilled to a basic understanding that attackers, especially those who have significant financial motivation, have devised effective attack strategies centered on penetrating some of the most commonly deployed security controls (largely signature-based antivirus and signature-based intrusion prevention), most often by using custom or dynamically generated malware for the initial breach and data-gathering phase.

Advanced attackers are now capable of maintaining footholds inside an organization once they successfully breach security controls by actively looking for ways to remain persistent on the target organization's internal network either through the use of malware or, even if the malware is detected and removed, via postmalware use of user credentials gathered during the period of time the malware was active. They then change their tactics to secondary attack strategies as necessary, looking for other ways around any internal security controls in the event they lose their initial attack foothold.

"Mitigating the threat from ATAs requires a defense-in-depth strategy across multiple security controls," said Lawrence Pingree, research director at Gartner. "Enterprises should employ a defense-in-depth, layered approach model. Organizations must continue to set the security bar higher, reaching beyond many of the existing security and compliance mandates in order to either prevent or detect these newly emergent attacks and persistent penetration strategies. This layered approach is typical of many enterprise organizations and is often managed in independent ways to accomplish stated security goals, namely, detect, prevent, respond and eliminate."

Additional information on the outlook for the security market is available in the Gartner Special Report "The Future of Global Information Security" The special report can be viewed at http://www.gartner.com/technology/research/security-risk-management/ and includes links to reports and commentary that explore the major tectonic forces at play that will change how business use of technology will be dramatically changed by rapid escalations in threat, defense and societal demands.

About the Gartner Security & Risk Management Summit 2013

The Gartner Security & Risk Management Summit 2013 is the premier gathering for senior IT and business executives across IT security and risk management, including privacy, compliance, BCM, IT disaster recovery and business resiliency. The summit offers five role-based programs that delve into the entire spectrum of IT security and risk, including: network and infrastructure security, IAM, compliance, privacy, fraud, BCM and resilience.

Gartner Security & Risk Management Summits will also be taking place August 19-20 in Sydney, Australia and September 18-20 in London, U.K. Details on the Australia event are at http://www.gartner.com/technology/summits/apac/security/. More information on the U.K. event is at http://www.gartner.com/technology/summits/emea/security/.

Members of the media can register for press passes to the Summits by contacting [email protected] (Sydney) or [email protected] (London).

Information from all Gartner Security & Risk Management Summits 2013 will be shared on Twitter at http://twitter.com/Gartner_inc using #GartnerSEC.

About Gartner

Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. Gartner delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is a valuable partner in more than 13,000 distinct organizations. Through the resources of Gartner Research, Gartner Executive Programs, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, USA, and has 5,500 associates, including 1,402 research analysts and consultants, and clients in 85 countries. For more information, visit www.gartner.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24847
PUBLISHED: 2020-10-23
A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticat...
CVE-2020-24848
PUBLISHED: 2020-10-23
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
CVE-2020-5990
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
CVE-2020-25483
PUBLISHED: 2020-10-23
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
CVE-2020-5977
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.