Press Release

STAMFORD, Conn., August 16, 2010 View All Press Releases

Gartner Says Security Software Market is Poised for 11 Percent Growth in 2010

Analysts Discuss Major Trends in Application and Data Security at Gartner Security & Risk Management Summit 2010, 22-23 September, London

  Worldwide security software revenue is forecast to surpass $16.5 billion in 2010, an 11.3 percent increase from 2009 revenue of $14.8 billion, according to Gartner, Inc. Although the economic downturn slowed security revenue to 7 percent growth in 2009, organizations have indicated an intention to give priority to security budgets.

"Most segments of the security software market will continue to grow over the next few years, although a significant degree of variation is expected between the more-established and less-mature technologies," said Ruggero Contu, principal research analyst at Gartner. "Overall, security will remain one of the fastest-growing areas within the enterprise software market."

Gartner analysts said security software markets will weather the current economic downturn better than in 2001 and 2002, because the market conditions are dramatically different in terms of maturity, penetration, confidence in IT, and geographic and vertical mix.

"Security software vendors that have a balanced mix of channel, new license and maintenance revenue streams and flexibility in contractual terms, such as software as a service (SaaS), open source and outsourcing, have the strongest options for continued growth and to even out the risk," Mr. Contu said. "Shrinking discretionary spending budgets have heightened competition for new maintenance and license revenue streams and placed a renewed emphasis on vendor performance and viability."

The consumer security software market remains the largest security software segment, with 2010 revenue projected to reach $4.2 billion in 2010, up from $3.9 billion in 2009. The endpoint protection platform (enterprise) market is the No. 2 security software segment, with revenue on pace to reach $3 billion in 2010, up from $2.9 billion in 2009.

The security software market continues to benefit from prioritization and demands related to compliance requirements, as well as the need to keep up with ever-increasing sophistication and volume in the threat landscape.

“During the next six to 12 months, products delivered as SaaS and appliances will continue overtaking traditional software licensing as the preferred purchasing methods,” said Matthew Cheung, senior research analyst at Gartner. “Delivery as a suite in subsegments such as enterprise endpoint security, identity and access management (IAM), and Web security will be the most prevalent product delivery types. Despite major vendors seeking to consolidate, opportunities exist for smaller niche players and product specialization, and local expertise is expected to remain a valued factor.”

Compliance remains an important driver across many segments, particularly user provisioning, security information and event management (SIEM) and mobile data protection.

"The growing sophistication of the threat landscape — with malware composed of multiple components that can be installed after the initial infection and the exploits of socially engineered trojans, which trick end users into downloading and executing malicious files — will push organizations and consumers to invest in endpoint security products in coming years," Mr. Cheung said.

IAM is a critical component of enterprises' security strategies. Gartner clients indicate that about 8 percent of their security budgets are currently dedicated to IAM. This area is composed of technologies with varying levels of maturity and adoption; overall, the IAM market is estimated to grow to more than $12 billion by 2014.

Additional detail is available in the Gartner report "Forecast Analysis: Security Software Markets, Worldwide, 2009-2014, 2Q10 Update". The report is available on Gartner's website at

Gartner analysts will further examine the state of the IT security industry at the Gartner Security & Risk Management Summit 2010, 22-23 September, in London. Members of the media can register by contacting Ben Tudor, Gartner PR, at Additional information from the event will be shared on Twitter at and using #GartnerSecurity.

About Gartner Security & Risk Management Summit 2010
The Gartner Security & Risk Management Summit 2010 comes at a time when the relationships between information security, business and risk management are crucial. As organisations prepare for a return to growth, they continue to face financial challenges which represent opportunities for security, risk and privacy professionals to become key partners in their organisations’ strategies for renewed growth. Gartner analysts will help organisations protect their infrastructure and manage their identities in the most efficient and effective ways, but also discuss best practices in risk management and governance. For further information on the Summit, please visit

About Gartner

Gartner, Inc. (NYSE: IT), is the world's leading research and advisory company and a member of the S&P 500. We equip business leaders with indispensable insights, advice and tools to achieve their mission-critical priorities and build the successful organizations of tomorrow.

Our unmatched combination of expert-led, practitioner-sourced and data-driven research steers clients toward the right decisions on the issues that matter most. We're trusted as an objective resource and critical partner by more than 12,000 organizations in more than 100 countries—across all major functions, in every industry and enterprise size.

To learn more about how we help decision makers fuel the future of business, visit

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.