Two of the more prominent trends in the IT world are the continuing growth of cloud computing and the increasing use of data analytics as a valuable business tool. Both of these areas can play a prominent role in information security efforts—and indeed to some extent they already are, according to recent research reports.
A new study on the cloud security services market from research firm Infonetics Research provides some good insights on the market—and perhaps some optimistic news for managed security services providers.
The firm (which is now part of IHS Inc.) in its Cloud and CPE Managed Security Services study, reported that the cloud security services market grew 14% in 2014 to $7.2 billion worldwide, up from $6.3 billion the previous year.
The report, released in March 2015, analyzes and forecasts the market for cloud- and customer premises equipment (CPE)-based security services offered by service providers to small-, medium- and large-sized businesses.
Another highlight of the study was that managed security service revenue totaled $15.8 billion worldwide in 2014, up 10% from 2013.
Clearly, the cloud is playing an increasingly important role, with cloud-based offerings accounting for 46% of security service revenue in 2014.
By 2018, the Infonetics reports says, cloud security services will surpass CPE-based security services.
The biggest contributor to cloud-based security service revenue is content security, the report notes, followed by managed firewall services, other security services, distributed denial of service (DDoS) mitigation and intrusion detection/prevention systems.
Clearly, demand for these types of services is on the upswing, as organizations deal with increasingly sophisticated security threats and attack vectors and as high-profile data breaches attract a lot of attention for the need for stronger security.
"Our long-term outlook for the already very large cloud and CPE managed security services market, especially for cloud services, is quite strong as providers begin to leverage their software-defined networking (SDN) and network functions virtualization (NFV) rollouts to really scale the delivery of managed security services," notes Jeff Wilson, research director for cybersecurity technology at Infonetics and author of the report.
"Providers are leaning heavily on SDN and the promise of NFV, and this will help them deliver a wide range of new security services that leverage virtual appliances for protecting applications, data and infrastructure in their own clouds, and delivering new services to customers," Wilson said.
Another report, by research firm Gartner Inc., says security analytics can be a key in breach detection.
The study, "Market Trends: Security Analytics—A New Hope for Security, or Just Hype?" states that breach detection “is top of mind for security buyers and the field of security technologies claiming to find breaches or detect advanced attacks is at an all-time noise level."
Security analytics platforms try to bring situational awareness to security events by gathering and analyzing a broader set of data, so that companies can determine the events that pose the greatest harm with better accuracy, the report says.
Among the solutions the report covers are security information and event management (SIEM) technologies. Most SIEM products can collect, store and analyze security data, Gartner says. But the meaning that organizations can derive from a data store such as the security data in a SIEM depends on how the data is reviewed.
Another security analytics tool the firm analyzes is user behavior analytics (UBA). With UBA, companies can analyze user activity much like they can use a fraud detection system to monitor credit cards for theft. “UBA systems are effective at detecting meaningful security events, such as a compromised user account and rogue insiders,” the report says.
On the whole, the security industry is still getting its footing in terms of the application of analytics, the report says. “As security analytics platforms grow in maturity and accuracy, a driving factor for their innovation is how much data can be brought into the analysis,” it says.
Today, data about hosts, networks, users and external parties is the most common data being brought into analyses, Gartner says. “However, the amount of context that can be brought into an analysis is truly boundless and presents an opportunity for owners of interesting data and the security providers looking to increase their effectiveness.”
Whether it’s through cloud services, advanced analytics tools or other emerging security solutions, managed services providers and value-added resellers can leverage these offerings to provide clients with stronger security postures in the midst of growing cyber security threats.