Four key developments — the use of advanced analytics, expanded ecosystems, adoption of software as a service (SaaS) and managed services, and the prospect of punitive regulations — are driving these changes, the study said.
“The overall security market is undergoing a period of disruption due to the rapid transition to cloud-based digital business and technology models that are changing how risk and security functions deliver value in an organization,” said Gartner analyst Deborah Kish in a statement. “At the same time, the threat landscape and rise in the number of high-impact security incidents are also creating demand for security technologies and innovations that deliver greater effectiveness.”
By 2020, advanced security analytics will be embedded in at least 75 percent of security products, the report said. Enterprises increasingly demand products that incorporate “smarter” predictive and prescriptive analytic technologies. These technologies help warn users of potential security incidents and provide guidance on optimal responses.
A variety of underlying technologies, such as artificial intelligence and machine learning, drive these more-advanced analytical capabilities. Successful vendors will work with customers to understand use cases where analytics will deliver value and augment limited security staff and resources, Gartner said.
Security M&A Activity
Given the sheer number of startups and smaller vendors pursuing innovative approaches to security, acquisition, integration, and consolidation are effective strategies to increase market share and enter completely new markets, Gartner said.
In many cases, mature vendors in search of continued growth are acquiring faster-growing companies from emerging adjacent markets.
“There have been several acquisitions in the last year and a half,” Kish wrote in an email. “Many of them have been for analytics, for example HPE acquiring Niara, Sophos acquiring Invincea and Barricade 10, IBM buying Agile 3, Splunk buying Caspida for UEBA, and Palo Alto buying CyberLight. Other acquisitions have been in the CASB space, Forcepoint buying the Skyfence product from Imperva, Cisco buying Cloudlock and Symantec buying BlueCoat (Blue Coat had earlier acquired two CASB vendors, Elastica and Perspecsys). Also, Fortinet buying AccelOps to get into the SIEM space.”
In other cases, vendors are optimizing profits by consolidating similar products under a single brand, therefore leveraging economies of scale by combining core functions, such as development, support, sales, and marketing.
“Symantec would be a good example of a provider consolidating security products and leveraging the assets for cloud security from a fast growing company,” Kish wrote. “BlueCoat grew 17 percent in 2015.”
SaaS On the Rise
As security buyers transition to digital business models, they show a preference for products in an as-a-service format, the report said. This includes risk management and security software-as-a-service.
This echoes another recent survey that found software as a service (57 percent) and security as a service (51 percent) ranked as the two leading cloud computing models adopted by enterprises.
Despite this shift to software- and security-as-a-service, providers must consider the financial implications of maintaining support for legacy security products while investing in an as-a-service product or managed service.
“If a vendor comes from a hardware legacy it must support the hardware products during the transition to a services based business,” Kish wrote. “Many customers will continue to utilize hardware based products, in part to leverage existing investments, because they do not yet ‘trust’ capabilities or products based purely on software in the cloud and (usually in government organizations) that may never use cloud, based on internal policies. Our recommendation is that vendors should plan to make the transition to cloud services as quickly as possible so as to avoid having a bloated cost structure supporting two different delivery models for an extended period of time.”