The widespread DDoS attacks that brought down many major websites this October will lead end users to engage multiple DDoS mitigation service providers, according to recent analysis from Technology Business Research.
Jane Wright, principal analyst at TBR, says end users will turn to these providers as well as multiple site hosting and domain name sustem service providers to reduce their risk of outage caused by sharing services with ther likely targets.
“Although most customers have been steadily decreasing the number of security vendors and security service providers they use to reduce complexity, the events of Oct. 21 will create an exception to this strategy,” Wright says.
“The greater-than-600Gbps attacks made clear attackers can exceed many service providers' capacity to examine and scrub traffic, especially as attackers leverage devices in the Internet of Things (IoT) to swarm sites with traffic,” she says.
On Oct. 21, many businesses suffered outages, as their service providers were consumed with handling attacks targeting their large, high-profile customers such as Twitter and Netflix.
“While the security industry and government plan a more effective defense against such volumetric attacks in the future, TBR believes customers will diversify their service provider partners as a short-term solution,” says Wright.
Wright says DDoS mitigation spending will increase, with revenue distributed among more providers.
“Customers will increase spending for DDoS mitigation services and assign network portions and domain groups to different service providers, to diversify their risk in case one of their service providers is overwhelmed by attacks against their sites or sites owned by their provider's other customers,” says Wright.
Revenue for DDoS mitigation products and services is covered in the network security segment of TBR's Enterprise Security Benchmark, which showed the segment's revenue increasing 15% year-to-year for 24 benchmarked vendors in 2Q16.
TBR estimates DDoS mitigation spending will increase 16% to 17% year-to-year in 1Q17, adding about $40 million to market revenue in the quarter, as a result of the Oct. 21 attacks.
“Customers will continue to depend on DDoS mitigation services from established providers such as IBM and SecureWorks, and TBR expects customers will increasingly add Imperva's Incapsula, F5's Silverline and Arbor Networks' Arbor Cloud services,” Wright says.
“Customers will evaluate relatively new security service providers such as Zenedge, and new DDoS mitigation service providers will emerge to meet demand as customers revive the “security through diversity” approach,” she explains.
“Customers with mature security skills will also add layers of in-house protection by deploying additional anti-DDoS appliances such as Check Point's DDoS Protector and Radware's DefensePro.
Wrights says customers' security strategies and spending have often reflected the changing attack landscape.
“Following a cluster of breaches involving credit card data in 2014 (e.g., the attacks on Target and Home Depot), TBR's research noted an increase in data loss prevention spending,” explains Wright.
“Similarly, the Oct. 21 spate of DDoS attacks will shift revenue and growth opportunities, highlighting the importance for security vendors and service providers to maintain flexibility so they can adapt quickly to the next wave of cybercrime.