Worldwide spending on information security will reach $75.4 billion in 2015, an increase of 4.7 percent over 2014, according to the latest forecast from Gartner, Inc. The increase in spending is being driven by government initiatives, increased legislation and high-profile data breaches. Security testing, IT outsourcing, and identity and access management present the biggest growth opportunities for technology providers.
According to Gartner, spending in areas such as endpoint protection platforms and consumer security software is starting to see commoditization, leading to a downgrade in the forecast for these segments in 2015. While the visibility and growing awareness of the impact of security threats keeps attention on security, the bulk of the security software market is composed of mature technology areas where the penetration rate is already high.
"Interest in security technologies is increasingly driven by elements of digital business, particularly cloud, mobile computing and now also the Internet of Things, as well as by the sophisticated and high-impact nature of advanced targeted attacks," said Elizabeth Kim, research analyst at Gartner.
Ms. Kim said that this focus is driving investment in emerging offerings, such as endpoint detection and remediation tools, threat intelligence and cloud security tools, such as encryption. However, strength in these emerging segments cannot compensate for the downgrade of the larger mature segments being commoditized.
Increased legislation continues to be a driver for security spending in some countries, including Poland, the Czech Republic, Hungary, Romania and South Africa.
Other trends in the information security market behind Gartner's latest forecast include:
Price increases of as much as 20 percent will drive organizations to forgo security purchasing in 2015, especially in Europe.
As most products in security originate from the U.S., its dollar appreciation will trigger significant price changes in the conversion from local currencies to U.S. dollars. Pricing went up as much as 20 percent for most security products in the European region, for example. Gartner expects the main customer response will be to forgo some spending for the next quarter or so. The rebound of 2016 will be due to a combination of deferred purchases realized in 2016 and the stabilization of currency exchange rates from 2016 onward.
Growth in the enterprise content-aware data loss prevention (DLP) market will see constriction of growth of 4 percent to 5 percent through to the end of 2019.
Gartner market share data shows the stable performance of the top vendors in this segment in 2014. Given the rise of channel DLP (C-DLP) and "DLP lite" solutions, Gartner expects that the market will not exhibit such strong growth in its current form in coming years. Most established vendors in this space are transforming the way they deliver comprehensive DLP capabilities, and this transition period will likely impact growth in coming years.
Through to the end of 2020, fewer than five percent of network security vendors will gain traction in the endpoint protection platform (EPP) market.
EPPs demonstrate the desire by organizations to have as few agents as possible on endpoints. Additional agents incur greater risk of interfering with applications, complicating support resolution with additional alerts, and having to update and deploy products. In most cases, EPP and network security have unique buying and operations centers with different selling channels. Historically, there are few exceptions of vendors having success that crosses the endpoint/network operations line (other than VPN agents), but there are many examples of vendors withdrawing from the other market.
Fewer than 5 percent of organizations with more than 500 employees will purchase unified threat management (UTM) solutions for their branch offices by 2019.
Enterprise firewalls and UTM remain distinct products and markets, and despite their lower price point, the demand for UTM appliances will continue to be restricted to the small or midsize business (SMB) market. Gartner expects enterprises to predominantly continue to use routers and Multiprotocol Label Switching (MPLS) links to connect their smallest branches to regional centers.
By 2018, 85 percent of new deals for network sandboxing functionality will be packaged with network firewall and content security platforms.
For the past three years, lean-forward organizations have been wary of an advanced-threat environment in which bad actors innovate faster than traditional blocking mechanisms, such as firewalls, intrusion prevention systems (IPSs) and secure Web gateways, can react. In response, the most widely adopted advanced-threat detection technique deployed is network malware sandboxing, which has appealed to well-staffed incident response teams. Recently, several high-profile breaches have broadened the perceived need for zero-day malware detection in a sandbox, but it can increase costs for the midsize or understaffed security client. Incumbent security platform vendors introduced less costly, often cloud-based, malware detonation sandboxes as platform extensions.
More information is available to Gartner clients in the report "Forecast Analysis: Information Security, Worldwide, 2Q15 Update."