In-Depth

Security is Bright Spot in IT Spending

Today's security market differs greatly from the market that was hammered almost a decade ago, following the dot.com implosion.

• By Stephen Swoyer
• 09/07/2010

Security spending may have slowed, but it still outpaces spending in other segments.

Market watchers say today's security market differs greatly from the market that was hammered almost a decade ago, following the dot.com implosion. Security vendors are considerably more nimble -- i.e., more adaptable, flexible, and likely to accommodate non-traditional distribution or acquisition models -- than were their legacy predecessors.

They have to be. "Security software vendors that have a balanced mix of channel, new license, and maintenance revenue streams and flexibility in contractual terms, such as software as a service … open source and outsourcing, have the strongest options for continued growth and to even out the risk," said Ruggero Contu, a principal research analyst with Gartner Inc., in a statement.

"Shrinking discretionary spending budgets have heightened competition for new maintenance and license revenue streams and placed a renewed emphasis on vendor performance and viability."

One upshot of this, according to Gartner and Contu, is that security seems like a sure safe harbor in the midst of an otherwise confusing -- and perhaps even treacherous -- IT spending forecast. "Most segments of the security software market will continue to grow over the next few years, although a significant degree of variation is expected between the more-established and less-mature technologies," Contu continued. "Overall, security will remain one of the fastest-growing areas within the enterprise software market."

Consumer spending still accounts for the biggest overall chunk of overall security spend, with revenues expected to grow by almost 8 percent (to a projected $4.2 billion) this year. Sales of endpoint protection solutions will increase at slightly less than half that rate (3.4 percent), growing from $2.9 to $3 billion.

This is thanks in part to a pair of drivers -- regulatory compliance and the increasing sophistication (to say nothing of ubiquity) of threats -- that are unique to the security market. For this reason, Contu says, spending on security products or services tends to be "prioritized" relative to other IT spending efforts.

"The growing sophistication of the threat landscape -- with malware composed of multiple components that can be installed after the initial infection and the exploits of socially engineered trojans, which trick end users into downloading and executing malicious files -- will push organizations and consumers to invest in endpoint security products in coming years," said Matthew Cheung, senior research analyst at Gartner, in a prepared release.

At the same time, enterprises are channeling an increasing percentage of security spend into non-traditional delivery channels, such as security appliances or SaaS offerings. It's a trend that Gartner doesn't see abating anytime soon.

"During the next six to 12 months, products delivered as SaaS and appliances will continue overtaking traditional software licensing as the preferred purchasing methods," Cheung said. "Delivery as a suite in subsegments such as enterprise endpoint security, identity and access management … and Web security will be the most prevalent product delivery types. Despite major vendors seeking to consolidate, opportunities exist for smaller niche players and product specialization, and local expertise is expected to remain a valued factor."