The overall security market is undergoing a period of disruption due to the rapid transition to cloud-based digital business and technology models that are changing how risk and security functions deliver value in an organisation, according to Deborah Kish, principal research analyst at Gartner. "At the same time, the threat landscape and rise in the number of high-impact security incidents are also creating demand for security technologies and innovations that deliver greater effectiveness," he adds.
The research advisory, Gartner highlights four main factors which are responsible for the massive transformation in the security software market. These are: use of advanced analytics, expanded ecosystems, adoption of software as a service (SaaS) and managed services, and the prospect of punitive regulations.
By 2020, advanced security analytics will be embedded in at least 75 per cent of security products, according to Gartner predictions. Enterprises are increasingly seeking products that incorporate "smarter" predictive and prescriptive analytic technologies, which help warn users of potential security incidents and provide guidance on optimal responses. Successful vendors will work with customers and prospects to understand use cases where analytics will deliver significant value and augment limited security staff and resources.
Given the preponderance of startups and smaller vendors pursuing innovative approaches to security problems, acquisition, integration and consolidation are highly effective strategies to increase market share and enter completely new markets. In many cases, mature vendors in search of continued growth are acquiring faster-growing companies from emerging adjacent markets. In other cases, vendors are optimising profits by consolidating similar products under a single brand, therefore leveraging economies of scale by combining core functions, such as development, support, sales and marketing.
Security buyers are making security product investment decisions that support digital business, fit their current challenges and deliver performance value. Gartner's recent end-user security spending survey indicates that, in order to do this, they have a preference for products in an as-a-service format. SaaS for security and risk management is becoming critical as customers transition to digital business practices. However, providers must consider the financial implications of maintaining support for legacy security products while investing in an as-a-service product or managed service.
The EU General Data Protection Regulation (GDPR) will come into effect on May 25, 2018 and could see organisations facing heavy fines should they receive a single complaint for mishandling private data. Consequently, enterprises will look to providers with products that provide the needed visibility and control of their data. Providers should identify the key regulatory requirements and constraints in target geographies by working with legal counsel to deliver product and service choices that will alleviate board-level fears.