Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
Security Market Intelligence:
Robert Westervelt
IDC Data Security Practice
508.935.4331
Twitter.com/rwestervelt
Security Risks, Compliance Challenges Fuel Security Spend
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 2
Data Breaches & Modern Attacks
Security Buyer Trends
Endpoint & Network Security
IoT Security Opportunity
Top Spending Industries
Security M&A Activity
Talking Points
3© IDC Visit us at IDC.com and follow us on Twitter: @IDC http://breachlevelindex.com/
© IDC Visit us at IDC.com and follow us on Twitter: @IDC
Messaging Risks
Targeted/Multi-Stage Attacks
Vulnerability Growth
Attacker Sophistication
Coordinated Attacks
Evasion; VM Detection
Toolkits Multiple Plugins
99% Hit Known Flaws
Exploits Are Automated
Adobe; Microsoft
91% Ransomware
89% Organized Crime
63% File Attachments
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 5
Data Breaches: A Costly TollM
ain
ten
an
ce
Phishing Attack
Account Credential Theft
Email Attachment
26 People Involved
Recon Activity
$180,000 In Overnight Payroll Transfers
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 6
Data Breaches: A Costly TollP
las
tic
s M
ake
r
Gameover-Zeus victim
Phishing attack
Account credential theft
Keystroke logger
$374K two wire transfers
Banks detected activity following $500K attempt
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 7
Data Breaches: A Costly TollA
gri
cu
ltu
ral
Bu
sin
ess
Brute force attack
37 failed login attempts over six days.
Electronic funds transfers, wire transfers, ACH payments
$223,500 in three wire transfers over three days
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 8
Buying Trends: Top Spending Priorities
8
Secure Cloud MSSPs
DataNetwork
63%
83%90%
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 9
61.7% 51.7%
42.6%37.4%
ENDPOINT/PC DESKTOP OR NOTEBOOK ANTIMALWARE
(ANTIVIRUS, ANTISPOOFWARE, ETC.)
EMAIL SCANNING FOR VIRUSES/OTHER
MALWARE
LAPTOP ENCRYPTION ENDPOINT DLP
Joint IDC-The Channel Company Survey
Modern Antivirus
Endpoint
Response &
Remediation
Response to Ransomware Outbreak
Compliance Initiatives
IoT Concerns (Healthcare)
Endpoint Security Spending: Midmarket
Endpoint Security
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 10
Ransomware key driver
Buyers seek “fresh” endpoint
security products
Influencers vary by company
Networking
System admins
CISO/CIO
Next-gen Antivirus
Antivirus coupled with response
Containerization and Isolation
Symantec
McAfee
Trend Micro
Kaspersky Lab
Sophos
Webroot
ESET
Malwarebytes
Palo Alto Traps
Check Point
Cylance
Crowdstrike
Carbon Black
SentinelOne
Specialized Threat Analysis and ProtectionCorporate 4.4%
Consumer 2.4%
CAGR
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 11
63% 56%
43% 41%
MODERN NETWORK SECURITY
INFRASTRUCTURE TO SUPPORT ADVANCED THREAT DETECTION
MANAGED SECURITY SERVICES
REFRESH OF STANDARD NETWORK SECURITY
PRODUCTS
SECURITY INITIATIVES TO SUPPORT
SOFTWARE DEFINED NETWORKING
ARCHITECTURE
Network Security Spending: Midmarket
Joint IDC-The Channel Company Survey
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 12
Cisco Systems
Check Point
Palo Alto Networks
Fortinet
Juniper
Vendors build out sandboxing,
targeted attack defense solutions
Check Point updated R80
management console; Pushing
SandBlast offering.
Cisco Systems: Meraki security
product line
Fortinet: Acquired Meru
Networks; Launches cloud
security service
FireEye: Adding flexible offerings
Network Security Specialized Threat Analysis and Protection
Firewall/UTM 10.7%
IDP 5.3%
Sophos
Trend Micro
CAGR
FireEye
Arbor Networks
CounterTack
IoT Security and Costs: Key Concerns
13
14.3%
14.6%
14.7%
16.0%
17.3%
17.5%
18.5%
19.3%
22.1%
27.0%
0% 5% 10% 15% 20% 25% 30%
Lack of skills internally
Lack of a holistic solution
Fear or reality of deployment complexity
Unclear or unproven ROI
Ongoing costs
Concern about technology stability
No budget allocated
Other IT priorities
Upfront costs
Security and/or privacy concerns
Q. What do you think will hinder the deployment of an Internet of Things (IoT) solution within
your organization in the next two years?
Security and/or
budget are the top
inhibitors for half of
European companies.
Other IT priorities are
difficult to overcome.
Source: IDC's Global IoT Decision Maker Survey, August 2015
© IDC Visit us at IDC.com and follow us on Twitter: @IDC
14
Manufacturing: Efficiency
improvements/IoT; IT-OT
Banking/Finance: Cognitive technologies,
biometrics for payments; blockchain
Legal: Top industry for targeted
attacks w/oil & gas
Education: Confidentiality, PII
protection; open, collaborative
environment; connectivity
5
4
Healthcare: IoT; PII; Balance
security and patient care
3
2
1
IDC U.S. SMB Security Update 2016
14
Midmarket Security Spend: Top Five Industries
© IDC Visit us at IDC.com and follow us on Twitter: @IDC 15
Disruption: Security Market M&A
8x Earnings
Biggest Acquirers:
Cisco
Symantec
Microsoft
IBM
EMC
Acquisition
Symantec Blue Coat
Symantec LifeLock
Dell EMC/RSA
Accenture Endgame
Carbon Black Confer
Sophos Invincea
Malwarebytes Saferbytes
Palo Alto LightCyber
Forcepoint Skyfence
IBM Agile 3
Cisco CloudLock
Trend Micro HPE TippingPoint
MicroFocus HPE Security
The Road Ahead: Security Market Opportunity
Endpoint Consolidation is Coming
Network Security Vendors Adding Cloud, Endpoint
Buyers Seek Cloud Security, Managed Services
IoT Analytics Prompts Security Opportunity
Create A Security Blueprint: Guide customers through
the security maturity curve. Consider frameworks: “20
Critical Security Controls” Center for Internet Security