By 2016, Gartner says they expect the cloud-based IT security market to reach $4.2 billion, and 10 percent of overall IT security enterprise product capabilities will be delivered in the cloud by 2015.
According to Gartner, these services are also the main force behind changes in the current market landscape, “particularly around a number of key security technology areas,” including secure email and secure Web gateways, remote vulnerability assessment, and Identity and Access Management (IAM).
In fact, based on a January 2013 Gartner survey on security spending, buyers from the U.S. and Europe “stated that they plan to increase the consumption of several common cloud services during the next 12 months,” as stated in the company report.
“Demand remains high from buyers looking to cloud-based security services to address a lack of staff or skills, reduce costs, or comply with security regulations quickly,” said Eric Ahlm, research director at Gartner. “This shit in buying behavior from the more traditional on-premises equipment toward could-based delivery models offers good opportunities for technology and service providers with cloud delivery capabilities, but those without such capabilities need to act quickly to adapt to this competitive threat.”
Of the cloud-based security services listed, email security services are the highest-consumed, according to 74 percent of respondents in the Gartner survey. Furthermore, 27 percent of respondents said they were considering deploying tokenization as a cloud service.
According to Gartner, “tokenization allows security buyers to avoid having to house personally identifiable information (PII) or other confidential information.” The service, as a result, removes the burden of regulating the environment, as it allows “organizations to remove tokenized systems from being considered ‘in scope’ for PCI compliance.”
Other areas within the market expected to grow are security information and event management (SIEM) as a service. Gartner attributes regulatory compliance concerns and security buyers’ need to reduce costs in the area of log management, compliance reporting and security event monitoring as the driving force behind consumers’ interest.
“The overall customer demand for numerous cloud security services presents an opportunity for creating or partnering with cloud services brokers,” said Ahlm. “The customer demand for brokerage becomes apparent as organizations move more assets to the cloud and require multiple security services to span multiple clouds and/or mixtures of cloud and on-premises.”
As a precautionary measure, Gartner says they advise value-added resellers (VARs) to “supplement product implementations with cloud-based alternatives that offer large customers reduced operation cost and thereby increase the likelihood of customer retention in this market segment.” Those that fail to offer these services, however, will likely experience a decline in implementation revenue, as stated by Gartner.
“The value that cloud services bring to security buyers is measurable in terms of capital and operation cost reduction,” said Ahlm. “Security providers that currently offer only a hardware/software-based solution requiring implementation should build product road maps that allow customers to move to the cloud at their pace.”