Page 1 of 3
The general economic outlook is certainly bleak, but end users say it won't dampen their voracious appetite for security solutions in 2009.
More than eight out of 10 companies plan to purchase security technology solutions this year, according to the recent 2009 CRN Market Report: Security survey of more than 350 IT decision-makers at small, midsize and enterprise companies.
Facing a recession that some experts have described as the worst since the Great Depression, a national credit crisis, a plunging stock market and widespread corporate layoffs, enterprise IT buyers admit that they are factoring the economy into their security purchase plans. Nevertheless, companies on average expect to commit 20 percent of their IT budgets toward security products and services, the same percentage as in 2008, according to the survey.
Solution providers say, however, that while companies are still buying security, many customers are taking a lot longer to make decisions about where to put their IT dollars.
"There's been a shift," said David Sockol, president of Emagined Security. "Right now, they're looking at things more from a risk-based approach. They're making decisions on what are their most important assets."
Overwhelmingly, companies of all sizes said that they are afraid of being victimized by sophisticated viruses and Trojans, many of which are designed to steal personal identification and financial data.
Customers are also desperate to avoid a data breach -- an event that has the potential to completely wipe out an SMB and can cost midtier and enterprise companies millions in lost revenue. The average cost of lost business from a data breach hit $4.1 million in 2007, while the cost of the breach itself is close to $200 per compromised record, according to a study issued by the Ponemon Institute.
They are all threats that Sean Stenovitch, a partner with M&S Technologies, said will only increase when times are hard. "In a down economy, desperation is going to create even more of a security risk," he said. "[What] it really boils down to [is that] customers have to have security. They have to have protection."
Antimalware
By a wide margin, antimalware topped the list of security products small and midsize companies plan to purchase in 2009 as customers strive to protect themselves from vicious cyberattacks.
Experts say that 2008 was a record year for attacks built on information-stealing malware, with SQL injections emerging as the most popular form of attack. According to a December Security Intelligence Report issued by MessageLabs, now part of Symantec, the average number of new malicious Web sites increased 83 percent in 2008, rising to almost 3,000 new sites a day.
End users are definitely feeling the pressure.
"Data breaches and security threats are increasing dramatically, and we have to be more conscious of our architecture in such a way that we have to protect it from any kind of malicious attack," said an official from the Office of Enterprise Technology for the state of Minnesota, who asked not to be identified. "It's one of those things, like chasing a car, you can never catch up. You're always a few feet away from the latest threat."
As a result, antimalware is likely going to see the most significant growth in the small and midmarket segments, with 36 percent and 38 percent of each respective market segment maintaining that they plan to purchase antimalware solutions in 2009. And because of the weak economy, many vendors are offering end-point security licenses for extended terms of two to three years, but at a discounted rate, solution providers say.
But cybercriminals also continue to go for enterprise jackpots. As a result, nearly a quarter of enterprise companies surveyed said they plan to purchase antimalware solutions, putting it at No. 3 on the list of technologies large customers plan to purchase, behind data loss prevention and Web security.
"[The reason to install antimalware] is the same reason we're probably buying insurance on our cars. The cost of damage is so great," said Brian Fuher, VARassist program manager of SoftwareOne. "It's low-risk, high-reward. It's low-cost and such a great devastation if you get successfully attacked."
Web Security
With companies hopping on the antimalware bandwagon, it stands to reason that they're preparing for Web 2.0 threats as well. Last year saw an explosion of malware attacks spread via the Web. A recent threat report from security vendor Sophos estimated the number of unique malware samples in 2008 to be at least 11 million, tripling from the previous year. And experts say they don't see that trend slowing down in 2009.
"Certainly the bad guys don't stop attacking companies and taking information because we're in a bad economy," said Chris Doggett, director of global channel programs at Sophos. "If anything, there are more people out there willing to take part in illegal activities because they're under more pressure than when times are good."
It's a trend that hasn't gone unnoticed by end users. Surveyed IT decision-makers ranked Web security just under antimalware in terms of priority for 2009 purchases. Congruent with this trend, Fuher said that he's seen a definite uptick in the number of security products focused on Web applications in 2008. "More people are attacking [Web applications] instead of trying to go through the back door and into their firewall. They're trying to attack the Web end of their business and get in that way," he said.
In particular, midmarket companies will likely be the biggest buyers of Web security infrastructure. But in light of increasingly sophisticated and financially driven threats, Web security products will also do well with enterprise customers. More than half of enterprise customers surveyed said that they purchased Web security products last year, and 30 percent plan to add Web solutions to their security infrastructure this year.
Web security is not as high of a purchasing priority for businesses with fewer than 100 users, as it tied for fourth place with perimeter security on the list of technologies they plan to buy this year behind antimalware, data loss prevention and wireless security. VARs say that could be attributed to the fact that SMBs are forced to prioritize due to financial limitations.
But that could change, solution providers said, as Web threats continue to create security challenges for even the smallest of businesses.
1
|
2
|
3
|
Next >>
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Worker Abuse Protest Targets Apple, Supplier Foxconn
- Symantec Says Anonymous Behind Extortion Plot
- VARs Say VCE To Target SMBs With Entry-Level Vblocks
- EMC Rolls Out PCIe Flash-Based Storage Technology
- McAfee Rolls Out Patch For Anti-Malware Service
- New McAfee Channel Chief Promises Recertification Changes
- Trend Micro Spruces Up SafeSync For The Channel
- Ingram Micro Adds Kaseya, Symantec, Trend Micro To Cloud Arsenal
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
