Infotech Lead India: By 2015, 10 percent of overall IT security enterprise product capabilities will be delivered in the cloud.
Gartner expects the cloud-based security services market to reach $4.2 billion by 2016.
The services are also driving changes in the market landscape, particularly around a number of key security technology areas, such as secure email and secure Web gateways, remote vulnerability assessment, and Identity and Access Management (IAM), said Gartner.
Demand remains high from buyers looking to cloud-based security services to address a lack of staff or skills, reduce costs, or comply with security regulations quickly.
Eric Ahlm, research director at Gartner, said: “The shift in buying behavior from the more traditional on-premises equipment toward cloud-based delivery models offers opportunities for technology and service providers with cloud delivery capabilities.”
In January 2013, a Gartner survey on security spending said security buyers from the U.S. and Europe, representing a cross section of industries and company sizes, plan to increase the consumption of several common cloud services during the next 12 months. The highest-consumed cloud-based security service is email security services, with 74 percent of respondents rating this as the top service.
27 percent of the respondents indicated they were considering deploying tokenization as a cloud service.
Regulatory compliance measures to comply with the Payment Card Industry Data Security Standard (PCI DSS), for example, are driving much of the growth of interest in tokenization as a service.
As a service, tokenization allows security buyers to avoid having to house personally identifiable information (PII) or other confidential information. The service allows organizations to remove tokenized systems from being considered “in scope” for PCI compliance, thus removing the burden of regulating the environment.
Another area that is likely to experience high growth is security information and event management (SIEM) as a service. Much of the interest is attributed to regulatory compliance concerns and security buyers’ need to reduce costs in the area of log management, compliance reporting and security event monitoring.
However, many customers in the enterprise segment will remain cautious about sending sensitive log information to cloud services, and this will continue to be an important aspect for security-as-a-service providers to address.
Gartner is advising value-added resellers (VARs) to supplement product implementations with cloud-based alternatives that offer large customers reduced operational cost and thereby increase the likelihood of customer retention in this market segment. VARs that fail to offer cloud-based alternatives might experience a decline in implementation revenue from customers seeking cloud-based solutions in certain market segments.