Western European security software market will surpass $7 Billion by 2020, says IDC

London, 9 September, 2016 : Recent market sizing published by International Data Corporation (IDC) for security software in Western Europe (see Western Europe Security Software Forecast, 2016–2020: Security is an Enabler in the 3rd Platform Era , IDC #EMEA0725216, August 2016) shows that the market is expected to reach $7 billion by 2020. It also shows that the market passed the $5 billion mark in 2015 (the latest full year on record). These landmark characteristics provide an opportunity to consider what has taken the market this far, and what will spur future growth.

Security is gaining share of the total Western European software market, and it is IDC's view that this is the result of three key "meta-trends" that are driving the security industry overall:

• With the growing scale of the threat landscape, the number of threat actors is increasing, and so too is the sophistication of their attacks.
• Enterprises face a growing burden of regulatory requirements for security and data privacy, the most prominent in Europe being the EU's General Data Protection Regulation (GDPR).
• The growing number of digital transformation and Internet of Things (IoT) initiatives being launched by Western European enterprises causes the concept of a "secure perimeter" to disappear, and also increases their "attack surface."

While these factors are causing the security software market as a whole to grow, it would be a mistake to view this strong performance as being uniform across all segments. In fact, there are elements of the market that are showing sluggish performance or even shrinking. These struggling segments tend to be those that are dealing with fundamental transitions. A good example here is the messaging security space, where the shift towards SaaS delivery has caused the market to decline for several years.

However, where there is disruption there is opportunity. IDC's expectation for the messaging security market is that the opportunity to supplant on-premise environments with cloud-based alternatives will return the market to growth by 2019. In fact, IDC expects the volume of public cloud software (PCS) in the Western European security software market to surpass on-premise software this year. The continuing growth of PCS messaging is expected to counter-balance the decline of on-premise before the end of the forecast period through to 2020.

Growth is also on offer thanks to a shift in mind-set among security software buyers. The scale of the challenge represented by the three "meta-trends" set out above means that traditional, reactive approaches to security alone are no longer sufficient to deal with the challenge. For example, Symantec's 2016 threat report (see here) states that more than a million new malware variants are being released daily. The ability to counteract these through signature-based solutions such as antimalware products is no longer enough.

That is not to say that signatures are defunct. In fact, in combination with more proactive approaches they continue to perform an important role in automating the elimination of known threats. However, with the number of unknown threats growing rapidly, further support is required. This is where more proactive approaches that detect and respond to unknown threats come into the equation. These solutions tend to harness context and behavior, seeking unusual and unwanted behavior to provide indications of compromise. These solutions tend to fit within the IAM and SVM segments, driving strong growth.

A final key point driving security software growth is the pressure that the three meta-trends place on enterprises' security personnel. The scale of the challenges that those three factors represent places a growing burden on security resources, meaning that "business as usual" is no longer sufficient. While an increasingly common reaction to this resource pressure is to consider the services of a managed security service provider (MSSP), security software can help to ease the pain through the automation of processes. This is giving rise to interest in orchestration, automation, and management tools that can help to enact resolutions to IoCs while reducing the burden on human resources. This allows scarce human resources to focus on higher-priority activities that require greater levels of human input.

The scale and scope of the threat landscape is continuing to outpace the reactions of the market to handle them. Consequently, IDC expects the security software market to continue growing as enterprises seek solutions that reduce the burden on scarce resources and to prevent data breaches from becoming data losses (two separate concepts). Under current conditions, IDC's forecast shows the market surpassing the $7 billion mark by the end of the forecast period in 2020.