Exchange rate, commoditisation biting into security spend
IT security spend will soften this year as price increases of up to 20% – driven largely by the US exchange rate – and commoditisation of mature technology offerings bite.
Gartner says price increases of as much as 20% which have already been seen in some countries – particularly in Europe – in the wake of the US dollar appreciation, will see customers forgoing some spending for the next quarter or so. Most security products originate in the United States, Gartner notes, triggering 'significant' price changes in the conversion from local currencies to US dollars.
"The rebound of 2016 will be due to a combination of deferred purchases realised in 2016 and the stabilisation of currency exchange rates from 2016 onward," Gartner says.
Despite that, Gartner says worldwide information security spend will grow almost 4.7% to reach US$75.4 billion this year.
The analyst firm says the increase in spending is being driven by government initiatives, increased legislation and high-profile data breaches, with security testing, IT outsourcing and identity and access management key areas of interest for enterprises – and presenting the biggest growth opportunities for technology providers and resellers.
However, spending in areas such as endpoint protection platforms and consumer security software is starting to see commoditisation, leading to a downgrade in the forecast for these segments in 2015.
"While the visibility and growing awareness of the impact of security threats keeps attention on security, the bulk of the security software market is composed of mature technology areas where the penetration rate is already high," Gartner says.
Elizabeth Kim, Gartner research analyst, says interest in security technologies is increasingly driven by elements of digital business, particularly cloud, mobile computing and now also the internet of things, as well as by the sophisticated and high-impact nature of advanced targeted attacks.
She says this focus is driving investment in emerging offerings, such as endpoint detection and remediation tools, threat intelligence and cloud security tools, such as encryption. However, the strength of these emerging segments isn't enough to compensate for the downgrade of the larger mature segments being commoditised, Kim says.
The analyst firm says the enterprise content-aware data loss prevention (DLP) market will see constriction of growth of 4% to 5% through to the end of 2019, given the rise of channel DLP and DLP 'lite' solutions.
"Most established vendors in this space are transforming the way they deliver comprehensive DLP capabilities, and this transition period will likely impact growth in coming years," Gartner says.
The company is also predicting that fewer than 5% of organisations with more than 500 employees will purchase unified threat management solutions for their branch offices by 2019, with enterprise firewalls and UTM remaining distinct products and markets and demand for UTM appliances remaining restricted to the small or midsize business market. Enterprises are expected to predominantly continue to use routers and multiprotocol label switching (MPLS) links to connect smaller branches to regional centres.
Gartner is also forecasting that 85% of new deals for network sandboxing functionality will be packaged with network firewall and content security platforms by 2018.
It says network malware sandboxing is the most widely adopted advanced threat detection technique deployed in the face of increasingly fast threats.
"Recently, several high-profile breaches have broadened the perceived need for zero-day malware detection in a sandbox, but it can increase costs for the midsize or understaffed security client," Gartner says.
"Incumbent security platform vendors introduced less costly, often cloud-based, malware detonation sandboxes as platform extensions.