Just how rapidly the IT security market is expanding depends on who you ask. While one recent IT industry analyst report said it "has fast evolved into a high revenue-generating industry," another analyst questioned the report's findings.
The analyst report, "Information Security Products & Services: A Global Strategic Business Report," from market research firm Global Industry Analysts, projects the worldwide IT security products and services market to experience “significant growth,” expanding to $79 billion by 2010.
According to the report, the U.S. and Europe will continue to dominate the market, with more than 71 percent of the sales of security solutions. However, the firm expects the biggest growth to come from the Asia-Pacific area.
Mike Rothman, president of security research firm Security Incite, said the growth rate he’s observed doesn’t quite match those lofty figures. “I have a hard time believing that the security market is growing at the large enterprise level,” he said. “Nothing really is getting folks to shell out a lot of money.”
The days of “30 percent to 40 percent growth” in the sales of security products are over, he added. Rather, enterprise spending on security products has leveled off and is similar to that of the flat networking equipment market.
Where Rothman sees growth is in the small-to-medium enterprise (SME) segment. Smaller financial institutions such as regional credit unions and health care organizations have increased their spending on security technologies, he said.
The stagnant security market is due in part because “it’s been a long time since something new that everyone had to jump on” entered the market, he added. Many of the so-called “new” security technologies, such as the emerging unified threat management (UTM) solutions, are merely repackaged versions of existing products and thus lack compelling features to make them “must haves.”
So, what is the next “big thing” in enterprise security? “I think people are slowly realizing how important it is to protect applications,” Rothman noted. That means the market for solutions for application security scanning and source-code analysis should expand.
Meanwhile, a report from INPUT, a research firm that focuses on U.S. government IT spending, said that the federal network security market will be a $3.8 billion treasure trove for security vendors in 2007. The primary driver here, with a “modest” 6.2 percent growth rate, is deployment of identity and access-control solutions, said Prabhat Agarwal, INPUT’s manager of federal information security analysis.
The deployment of access-control products is the government’s response to Homeland Security Presidential Directive-12 (HSPD-12), he said. HSPD-12, a presidential directive signed by President Bush in 2004, mandates that all federal government employees and contractors possess a uniform form of ID – in this case, a so-called smart card .
“That’s a big deal,” he said. “The government needs to make sure that someone who comes in to defend a network is who they say they are and authenticated.”
The feds are also increasing spending in securing “data where it resides, whether it’s on a laptop or mobile device,” said Agarwal. “It’s all part of the government’s attempt to protect data at rest and to allow only those who need access to data to get access to it.”
Click here to email West Coast Bureau Chief Jim Carr.