Worldwide spending on information security will reach $71.1 billion in 2014, an increase of 7.9 percent over 2013. The data loss prevention segment will record fastest growth at 18.9.
The increasing adoption of mobile, cloud, social and information (often interacting together) will drive use of new security technology and services through 2016.The nexus of forces, however, is impacting security in terms of new vulnerabilities.
The bigger trend that emerged in 2013 was the democratisation of security threats, driven by the easy availability of malicious software (malware) and infrastructure (via the underground economy) that can be used to launch advanced targeted attacks.
Below are the six trends in the information security that will shape the market:
1) By 2015, roughly 10% of overall IT security enterprise product capabilities will be delivered in the cloud. A significant number of security markets are being impacted by newly emerged delivery models. This is resulting in the growth of cloud-based security services, which are transforming, to different degrees, the way security is supplied and consumed by customers. While cloud-based services' competitive pricing puts pressure on the market, the cloud is also providing new growth opportunities, as some organisations switch from deploying on-premises products to cloud-based services or cloud-managed products. More than 30% of security controls deployed to the small or midsize business (SMB) segment will be cloud-based by 2015.
2) Regulatory pressure will increase in Western Europe and Asia/Pacific from 2014. Regulatory compliance has been a major factor driving spending on security in the last three years, particularly in the U.S. Industry experts expect this influence to accelerate from 2014. Broader data privacy legislation such as the Australian Privacy Act is expected to sustain spending on security this year. Other examples of intensifying regulatory pressure driving spending on compliance include the issue of guidelines regarding personal information protection in China in February 2013 (although they are not legally binding) and planned implementation of an addition to the EU Data Protection Directive. Other examples include personal data protection laws (introduced in 2013) in Singapore and Malaysia.
3) By year-end 2015, about 30% of infrastructure protection products will be purchased as part of a suite offering. The presence of highly mature and commoditising technologies, such as EPP and email security, will be contrasted by growth opportunities offered by segments such as SIEM, DLP and emerging technologies within the "other security" segment. Security providers in the more mature and consolidated segments are predicted to support sales through the addition of new security controls as part of broader suite offerings. This will be the case within the EPP segment, with the increasing availability of DLP, mobile device management, vulnerability assessment, hosted archiving and encryption for secure email gateway. This expansion of suite offerings to include new security controls is expected to help maintain momentum and slow down commoditisation of these mature markets.
4) By 2018, more than half of organisations will use security services firms that specialise in data protection, security risk management and security infrastructure management to enhance their security postures. Many organisations continue to lack the appropriate skills necessary to define, implement and operate appropriate levels of data protection and privacy-specific security controls. This lack of skills leads organisations to contract security consulting firms that specialise in data protection and security risk management to address regulatory compliance demands and enhance their security postures. A significant portion of organisations are shifting existing resources away from the operational aspects of security technologies, such as security device administration and monitoring, toward mitigation and incident response. This new dynamic has given rise to significant growth throughout the globe for managed security services.
5) Mobile security will be a higher priority for consumers from 2017 onward. There is a lack of penetration of security tools among users of new mobile platforms, and experts does not expect to see new demand for this type of capability to emerge before 2016. Most consumers do not recognise that antivirus is important on mobile devices and therefore have not yet established a consistent practice of buying mobile device endpoint protection software. This purchasing trend and market shift away from PCs will have significant repercussions on the consumer security market. However, as mobile devices gain in mass popularity and as security is likely to be a higher priority from 2017 onward, then new market opportunities are likely to emerge.
originally posted on:etcio.com