According to research group Gartner Inc, the cloud-based security services market will be worth some $2.1 billion by year end, increasing to $3.1 billion in two years’ time. Gartner says revenue opportunities will vary, while growth will remain strong.
“The cloud-based security market remains a viable one, offering providers many opportunities for expansion,” says Ruggero Contu, research director at Gartner. “Encryption will be a new area of growth, but it remains a complex activity.
“The strongest interest will be in encryption products from cloud security brokers, which are relatively easy to deploy and have options for on-premises encryption management.”
According to Gartner, e-mail security, web security services and identity and access management (IAM) services will be the three services in highest demand in the near future. “However,” it says, “in 2013 and 2014, the highest growth is forecast to occur in cloud-based tokenisation and encryption, security information and event management (SIEM), vulnerability assessment and web application firewalls.”
“Areas such as SIEM and IAM offer the biggest growth potential, although for SIEM, this will be from a small base,” says Kelly Kavanagh, principal research analyst at Gartner. “The benefits cloud security offers — particularly encryption — are making it an increasingly popular choice. However, trust concerns and regional variations mean that providers will have to assess each market opportunity carefully before deciding which to focus on.” Gartner says the adoption of SaaS and other cloud services is driving adoption of security services. “These are delivered either as stand-alone features or as part of an integrated SaaS package,” the company notes. “Managed security services (MSS) are also driving adoption of cloud-based security services among organisations. MSS delivery models are in turn being affected by demand for cloud-based security services, which is enabling security providers to become de facto MSS players.”
“The benefits of deploying cloud-based security services are clear,” says Kavanagh. “Aside from the broad area of IAM, specific controls, such as encryption, are becoming vital to the adoption of cloud computing. They’re further helping to generate interest in this particular form of security service delivery.”
Gartner says that it expects acceptance of, and reliance on, cloud-based security as-a-service offerings to increase, based on organisations gaining more experience with SaaS and more consumer-grade technology being made available to corporate systems as a result of trends, such as bring your own device (BYOD). According to Gartner: “In the next 24 months, new security-as-a-service-based offerings that address specific security controls forcloud-based IT resources will be available from larger IT and network service providers, aimed initially at small or mid-size enterprises (SMEs).” Gartner predicts that smaller, pure-play managed security service providers (MSSPs) will be most affected by the introduction of these services, and expects them to consolidate.