Tech

Security software priorities shift from defence to detection and response

While the market for security software is still growing, firms are choosing to handle security differently.

Written by Steve Ranger, Global News Director July 14, 2016 at 7:57 a.m. PT

The worldwide security software market was worth $22.1bn last year -- up by 3.7 percent from 2014.

Firms are tackling the unrelenting hacker threat by investing in security information and event management technology. The tech handles threat detection and security incident response through the real-time collection and analysis of security events. Spending in this area is growing faster than in any other segment of the security market, up 15.8 per cent, according to analyst Gartner. The sharpest decline in the security spending was on consumer-focused software, which fell 5.9 per cent year on year.

Gartner said interest in technologies focused solely on preventing security breaches is on the wane, in contrast to offerings that enable detection and response.

"Organizations are shifting security budgets from prevention to prediction, detection and response, and security vendors need to be capture this shifting spend," it said, pointing to identity governance and administration and data loss prevention technologies as growth areas.

According to Gartner, the top five vendors together in 2015 accounted for 37.6 per cent of the security software revenue -- down 3.1 percentage points from 2014. And four out of the five saw security revenues decline over 2014, according to the analyst, with only IBM increasing takings.

"The below-market growth seen by these large vendors with complex product portfolios is in contrast to the market growth and disruption being introduced by smaller, more specialised security software vendors," said Sid Deshpande, principal research analyst at Gartner.

Part of the reason for this shift is the big vendors have complex portfolios and some of those are in slowing legacy markets -- meanwhile smaller vendors don't have to worry about solving everything and can thus be more effective in targeting specific security niches.

Symantec maintained its No. 1 position but saw security software revenue decline 6.2 percent to $3.4bn. Gartner said that in 2015, 74 percent of Symantec's revenue came from consumer and endpoint-protection (EPP) technologies, such as antivirus, anti-spyware, personal firewall, and application control offerings. These collectively declined 7 per cent year-on-year and were a major contributor to Symantec's revenue decline.

Intel's security software revenue also declined in 2015, with revenue falling 4.1 per cent to $1.75bn. Gartner said that, like Symantec, the decline in the consumer and EPP markets, which accounted for 75 percent of Intel's security revenue in 2015, was at the root of this.