Security Market Intelligence - The Channel Company · Security Market Intelligence: Robert...

Security Market Intelligence:

Robert Westervelt

IDC Data Security Practice

rwestervelt@idc.com

508.935.4331

Twitter.com/rwestervelt

Security Risks, Compliance Challenges Fuel Security Spend

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 2

Data Breaches & Modern Attacks

Security Buyer Trends

Endpoint & Network Security

IoT Security Opportunity

Top Spending Industries

Security M&A Activity

Talking Points

3© IDC Visit us at IDC.com and follow us on Twitter: @IDC http://breachlevelindex.com/

© IDC Visit us at IDC.com and follow us on Twitter: @IDC

Messaging Risks

Targeted/Multi-Stage Attacks

Vulnerability Growth

Attacker Sophistication

Coordinated Attacks

Evasion; VM Detection

Toolkits Multiple Plugins

99% Hit Known Flaws

Exploits Are Automated

Adobe; Microsoft

91% Ransomware

89% Organized Crime

63% File Attachments

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 5

Data Breaches: A Costly TollM

ain

ten

an

ce

Phishing Attack

Account Credential Theft

Email Attachment

26 People Involved

Recon Activity

$180,000 In Overnight Payroll Transfers

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 6

Data Breaches: A Costly TollP

las

tic

s M

ake

r

Gameover-Zeus victim

Phishing attack

Account credential theft

Keystroke logger

$374K two wire transfers

Banks detected activity following $500K attempt

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 7

Data Breaches: A Costly TollA

gri

cu

ltu

ral

Bu

sin

ess

Brute force attack

37 failed login attempts over six days.

Electronic funds transfers, wire transfers, ACH payments

$223,500 in three wire transfers over three days

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 8

Buying Trends: Top Spending Priorities

8

Secure Cloud MSSPs

DataNetwork

63%

83%90%

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 9

61.7% 51.7%

42.6%37.4%

ENDPOINT/PC DESKTOP OR NOTEBOOK ANTIMALWARE

(ANTIVIRUS, ANTISPOOFWARE, ETC.)

EMAIL SCANNING FOR VIRUSES/OTHER

MALWARE

LAPTOP ENCRYPTION ENDPOINT DLP

Joint IDC-The Channel Company Survey

Modern Antivirus

Endpoint

Response &

Remediation

Response to Ransomware Outbreak

Compliance Initiatives

IoT Concerns (Healthcare)

Endpoint Security Spending: Midmarket

Endpoint Security

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 10

Ransomware key driver

Buyers seek “fresh” endpoint

security products

Influencers vary by company

Networking

System admins

CISO/CIO

Next-gen Antivirus

Antivirus coupled with response

Containerization and Isolation

Symantec

McAfee

Trend Micro

Kaspersky Lab

Sophos

Webroot

ESET

Malwarebytes

Palo Alto Traps

Check Point

Cylance

Crowdstrike

Carbon Black

SentinelOne

Specialized Threat Analysis and ProtectionCorporate 4.4%

Consumer 2.4%

CAGR

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 11

63% 56%

43% 41%

MODERN NETWORK SECURITY

INFRASTRUCTURE TO SUPPORT ADVANCED THREAT DETECTION

MANAGED SECURITY SERVICES

REFRESH OF STANDARD NETWORK SECURITY

PRODUCTS

SECURITY INITIATIVES TO SUPPORT

SOFTWARE DEFINED NETWORKING

ARCHITECTURE

Network Security Spending: Midmarket

Joint IDC-The Channel Company Survey

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 12

Cisco Systems

Check Point

Palo Alto Networks

Fortinet

Juniper

Vendors build out sandboxing,

targeted attack defense solutions

Check Point updated R80

management console; Pushing

SandBlast offering.

Cisco Systems: Meraki security

product line

Fortinet: Acquired Meru

Networks; Launches cloud

security service

FireEye: Adding flexible offerings

Network Security Specialized Threat Analysis and Protection

Firewall/UTM 10.7%

IDP 5.3%

Sophos

Trend Micro

CAGR

FireEye

Arbor Networks

CounterTack

IoT Security and Costs: Key Concerns

13

14.3%

14.6%

14.7%

16.0%

17.3%

17.5%

18.5%

19.3%

22.1%

27.0%

0% 5% 10% 15% 20% 25% 30%

Lack of skills internally

Lack of a holistic solution

Fear or reality of deployment complexity

Unclear or unproven ROI

Ongoing costs

Concern about technology stability

No budget allocated

Other IT priorities

Upfront costs

Security and/or privacy concerns

Q. What do you think will hinder the deployment of an Internet of Things (IoT) solution within

your organization in the next two years?

Security and/or

budget are the top

inhibitors for half of

European companies.

Other IT priorities are

difficult to overcome.

Source: IDC's Global IoT Decision Maker Survey, August 2015

© IDC Visit us at IDC.com and follow us on Twitter: @IDC

14

Manufacturing: Efficiency

improvements/IoT; IT-OT

Banking/Finance: Cognitive technologies,

biometrics for payments; blockchain

Legal: Top industry for targeted

attacks w/oil & gas

Education: Confidentiality, PII

protection; open, collaborative

environment; connectivity

5

4

Healthcare: IoT; PII; Balance

security and patient care

3

2

1

IDC U.S. SMB Security Update 2016

14

Midmarket Security Spend: Top Five Industries

© IDC Visit us at IDC.com and follow us on Twitter: @IDC 15

Disruption: Security Market M&A

8x Earnings

Biggest Acquirers:

Cisco

Symantec

Microsoft

IBM

EMC

Acquisition

Symantec Blue Coat

Symantec LifeLock

Dell EMC/RSA

Accenture Endgame

Carbon Black Confer

Sophos Invincea

Malwarebytes Saferbytes

Palo Alto LightCyber

Forcepoint Skyfence

IBM Agile 3

Cisco CloudLock

Trend Micro HPE TippingPoint

MicroFocus HPE Security

The Road Ahead: Security Market Opportunity

Endpoint Consolidation is Coming

Network Security Vendors Adding Cloud, Endpoint

Buyers Seek Cloud Security, Managed Services

IoT Analytics Prompts Security Opportunity

Create A Security Blueprint: Guide customers through

the security maturity curve. Consider frameworks: “20

Critical Security Controls” Center for Internet Security