According to market analyst Gartner, worldwide security software revenue is expected to total US$9.1 billon in 2007, a 10.7 percent increase from the 2006 revenue of US$8.2 billion.
The future success and direction of the security market will be closely aligned to the channel's involvement in the flourish sector.
Knowing how to succeed in security, whether the reseller is an experienced player or a new market entry, is an essential component to thriving in the highly competitive IT channel.
Ask the industry what is hot at the moment in security and you will receive a wildly mixed response. The security vendor environment is a crowded marketplace, with the main players all vying for a slice of the extensive security pie.
"The security market is the largest software market in the world, it is worth billions," said David Perry, global director of education at security vendor Trend Micro.
"My message to resellers is do not assume customers are on the same page as you, as security is very much a rapidly changing market," he said.
"Resellers have to get out to the market as vendors are making different claims. For example, at the moment web threats are growing and if you don't know that, you're behind the eight ball," he said.
Mixed vendor approach
Perry said the security market is currently in a state of flux and many firms are taking different approaches.
"It is likely resellers are going to walk into a multi-vendor environment, as you won't find all your eggs in one basket," he said.
"I have been in anti-virus since 1990 and been in Trend almost 10 years, and by and large people are using multiple vendor offerings. Many end-users like to have this multi-vendor approach to make sure someone catches something."
Perry said identity theft is a significant theme of the threat landscape, with a high magnitude of online fraud being used to scan for users' credit card details.
Scott McKinnel, country manager for A/NZ at security vendor Check Point, said: "We operate in the networking and data security side, and are finding end-point security is going off.
"Resellers need to build that critical mass in security and they will be laughing. The challenge is that it's very difficult to build that critical mass."
McKinnel said the problem many resellers face is that they underestimate security and believe they only need a few technical skills.
"Some resellers underestimate there is a real investment needed in security, its sales cycle can be longer than traditional sales, and it is sometimes a reluctant purchase for end-users as it is about risk mitigation, not improving the bottom line."
Speaking locally, McKinnel said Australia and New Zealand is a fairly mature and quite dynamic market.
"In some senses we are as sophisticated as any other developed market. Quite often A/NZ is the early adopter of emerging technologies," he said.
McKinnel said the value-add opportunity for resellers is in professional services as security is not a static service, while pure project management is also an option.
Zoe Nicholson, channel sales manager at another security player, Sophos, said: "The trend on the security product side is around web security, network access control, while mobile security is also important, too.
"On the concept side it is about security and control rolled into one and resellers want vendors to provide a one-stop shop. Vendors are getting close to that."
Nicholson advised that resellers need to look into the new security aspects and have to educate themselves so they can go and talk to customers.
"There will be a huge shift for resellers to become solution providers and to bundle and package a lot more deals, where before they have done just specific sales.
"Australia is not that different to the rest of the world. We are seeing a big uptake on the web side and over the next year there will be an increased focus on mobile security," added Nicholson.
Alexey Gromyko, business development of A/NZ/APAC at Kaspersky, said his current view of security in Australia encompasses the continuing criminalisation of the Internet, and an increased variety of malware and attack methods.
"Organised cyber crime society will continue massive efforts refocusing to the mobile technologies in the business and consumer segments," he said.
"In particular, we expect virus writers to continue using Trojans to steal user information. Users of various online banking and payment systems will remain the main targets."
Gromyko said the symbiosis between virus writers and spammers will result in infected computers being used to conduct new epidemics, alongside targeted attacks and spam mailings.
"Email and browser vulnerabilities will remain the chief infection vectors used to penetrate computer systems," he said
"Direct port attacks will be far less common and will depend on whether or not critical vulnerabilities are identified in Windows services."
Gromyko said IM applications will remain among the top three most common infection vectors, but he does not expect to see any significant increase.
The Vista factor
"Vista will undoubtedly play a deciding role in 2007. Both Vista and the vulnerabilities within it will be a determining factor in the evolution of malicious code over the next few years. Although it's unlikely that there will be major changes in the near future, this new product will establish future trends."
Gromyko said there will also be a significant increase in the number of malicious programs for other operating systems, first and foremost for MacOS.
"The number of targeted attacks on mid-sized and large businesses will increase. In addition to traditional information theft, these attacks will be designed to extorting money from the victim organisations."
Gromyko said security vendors are tied to the development of malware technologies and the necessity to protect users from them. On the dawn of the malware era there was no particular need for anti-spam protection and firewalls, and there were no such products on the market, but when the threat of hacker attacks and mass spam mailings emerged, respective solutions were rapidly developed and introduced.
"The security segment is following the trend of the quickly developing technologies where all the businesses and consumers are going to leverage these technologies and will be seeking security solutions."
Gromyko said resellers understanding what is really behind vendors' marketing has always been an important issue for the customer as this is what customers want to be sure about, and once a reseller becomes a problem solver, this results in long-term customer dedication.
"To deliver high quality anti-malware, anti-spam solutions which is a commodity service today, resellers need to have relevant expertise, which comes with qualified security professionals," added Gromyko.
Joel Camissar, country manager for Australia and New Zealand at Websense, said in recent times there has been a shift in motivation for hackers from hacking for fame, to hacking for fortune.
"A couple of years ago security was about mass emailing, but now using the web is the main threat vector. The aim of the hacker is to get users to go online, through a link on an email. This is where resellers can come in as they need to have an understanding of the threat landscape," he said.
Camissar said the Australian security market is typical of the Western and European market in terms of security adoption, with the difference being there is more compliance with Sarbanes-Oxley in the US which is driving protection.
Geoff Haggart, vice president of Asia Pacific at Websense, said: "Australia is a lot more advanced in terms of implementing security solutions compared with the rest of Asia.
"Resellers have got to keep up-to-date with what is happening. Threats have moved onto the web and things are become more sophisticated. This has happened in a fairly short amount of time, so resellers need to be on top of this and listen to the experts, analysts, vendors and customers," he added.
Projected growth
Patrik Bihammar, senior analyst for security solutions and system management software at IDC Australia, said: "The total Australia security solutions market was valued at around A$850 million in 2005 and is forecast to increase at a compound annual growth rate (CAGR) of close to 10 percent to reach more than A$1.3 billion by 2010."
Bihammar said prominent security issues include regulatory compliance, endpoint security, policy-based security management, and more holistic security will drive the demand for security solutions amongst Australia organisations.
"Some of the key challenges include the complexity of managing security, with limited resources both in terms of budget and lack of security skills and expertise. Messaging security and identity and access management are strong growing markets in security at the moment," he said.
Bihammar said some markets in security such as identity management are more direct while areas such as threat management, secure content management software and appliances are more channel dependent.
"The channel plays an important role for security vendors in terms of reach and local touch with the end-users," added Bihammar. "Establish close relationships with the end-user community and prove their value proposition to the vendor to get appropriately rewarded including marketing budget and training."
Future threats
It is a difficult task to predict the future twist and turns of the security landscape. It is a huge task for those involved in security to move with the changing threats and ensure disruptions are kept to a minimum.
Looking forward, Perry at Trend said: "We are seeing computing devices spreading to every area of our lives and all this will need protection in the future."
McKinnel at Check Point, said: "We are seeing a lot of consolidation in the market and we have spent US$1 billion on acquisitions in the past three years. There is a pipeline with smaller companies bringing out niche technology and getting acquired as they reach a certain size. In the future we will see continued consolidation."
Haggart at Websense added: "I think there will be a lot more negative stuff happening, with the web being used more as a platform for attacks. We need to keep on top of that and areas such as compliance will raise the issue of security, too."
The sector's different voices have diverse views on the current security landscape and its future direction. This could be viewed as a further complication for resellers keen to crack the sector. However, it can also said that the security has a number of opportunities providing resellers have their pulse on changing trends and know how to sell security.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
