Gartner Security and Risk Management Summit 2011

Tuesday, June 14, 2011

Lawrence Pingree

7377f47f95a1202ea8d330061b674dea

Context Matters for the Continued Growth of the Security Industry

With security firmly positioned as one of the top IT concern areas, the prospect of strong continued growth is assured for the next several years.

Indeed, Gartner predicts that revenue from security products and related service markets will increase from $55 billion this year to over $71 billion by 2014.

If we take this $71 billion overall number expected for 2014 and divide it by the 7.2 billion expected people in 2015 (Source: Global Population Source U.S. Census projections for 2015) we get a security expenditure rate of roughly $10 for every person on the planet annually. 

The consistent increases in the complexity and volume of targeted attacks, coupled with the necessity for companies to address regulatory or compliance related issues, continue to support healthy security market growth.

We will be examining the key issues facing the security industry at the upcoming Gartner Security and Risk Management Summit taking place June 20-23 in Washington D.C. (www.gartner.com/us/securityrisk). 

The enterprise security infrastructure market is projected to grow at an approximate compound annual growth rate (CAGR) of 10.9 percent into 2014 as companies continue to expand the technologies they use to improve their overall security.

Given that the larger, more developed economies were primarily first adopters of many of the first generation IT technologies, we now are seeing growth rates pick up in emerging markets where there are substantial technological initiatives by both government and industries looking to expand manufacturing and their supply base.

At the same time, many emerging economies have dedicated large programs to enhance education or create technology centric economic zones.   

The security services market will grow at an approximate CAGR of 8.2 percent through 2014. The security services market is roughly one third larger than the enterprise security infrastructure market. The top security service growth economies are Asia/Pacific, Latin America and North America.

Given the emergence of high demand in these areas, coupled with the lack of resources to address security concerns from a skills perspective, companies specializing in security services and consulting would do well to target these regions. 

When it comes to determining top technology security spending priorities for 2011, surveys undertaken at several Gartner conferences in 2010 indicate that data loss prevention is the top technology security spending priority for CIOs and IT professionals worldwide.

User provisioning and identity management also ranks highly, and the emergence of cloud computing has made this technology even more prominent as enterprises intend to integrate their identity management processes with their cloud deployments.   

Security information and event management are also prioritized for 2011 because of the many different log formats that exist for disparate systems and also to address the lack of alerting and workflow capabilities available in some products.

Network access control remains a priority for most enterprises because they wish to ensure that contractors, consultants, or company guests with unmanaged devices adhere to acceptable levels of security. Intrusion detection and prevention adoption ranks highly, driven not only by the need to stop attacks but also by regulation or standard requirements  

These priorities point to some major shifts in the way that we address security problems today compared to the recent past. In the past, we used flat file system logs, whereas today we use security information and event management with real-time responses.

In the past, our antivirus was primarily targeting file-based infections. Today, we have malware and antivirus technology that will check many aspects of the system to determine if infection is present.   

In the past, we were reliant on a human to review system logs or network activity in order to determine if an attack had occurred and we relied on basic network packet filters which only examined packet headers and not content. Today, next-generation firewalls inspect content and applications to make security enforcement decisions regardless of theprotocols used for the transactions.  

In the past, we used just simple access controls applied to file systems or application interfaces to control access to data. Now, we have data loss prevention and digital rights management which significantly improve our ability to identify the type of information and what business policy applies to that information, once we know the location of this data we can now enforce how that information can be used.  

The primary change from then to now is that we have systematically increased the context around each of these technologies in order to make wiser more accurate decisions and actively respond to security events. These separate technologies are now feeding information between each other to improve overall security through a concept Gartner calls “context awareness”.

One of the first adopters of context awareness has been in the security information and event management space where security context is often brought together to formulate appropriate responses. We believe that this context must be shared across technologies to improve overall security decision-making performed across closely aligned technologies where the sharing of this context will allow us to make better, more accurate security enforcement decisions.  

At the heart of this lies trust. Trust is established primarily by historical actions and the context of any given computing situation. For instance, you may trust someone initially until they make a mistake and the trust is broken or reduced.

However, not all mistakes are equal and therefore must be considered and ranked appropriately, which is why context is so very important for the future of security technology and why we feel this context convergence is necessary. 

The ultimate aim for the security industry is to have security solutions utilizing contextual information that will provide us better security, improved accuracy, easier audits and lower overall business costs for both the customer and the technology provider.

In order to achieve this we need to encourage technology providers to continue to enhance their decision-making through greater cross-product integration and the utilization of contextual security information.  

Mr. Pingree is a research director at Gartner, Inc. He focuses on the security aspects of products in the data center and cloud environments and is author of the book The Manager’s Guide to Becoming Great.

Possibly Related Articles:
7228
Network->General
Information Security
Enterprise Security Network Security Gartner Information Security Conferences Security and Risk Management Summit Security Industry
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.