The security market has been fairly quiet when it comes to mega breaches and smaller breaches in recent months, but security incidents for the year overall are still up in double digits, according to a recent study by Piper Jaffray.
According to the study, released Monday, the number of breaches in July was below average, with only 55 reported incidents (including only one “large” breach) during the month. That represents an 18 percent year-over-year decrease from July 2015, the study said.
That being said, breaches overall for the year are still up double digits over 2015. So far this year, there have been 569 reported breaches, up 18.3 percent over the same period last year, the study said. The business and health-care sectors were hit the hardest during the month, the study found, up 49 percent and 35 percent, respectively.
The trend to pull from these statistics is that breach activity is continuing to escalate, although recent breaches are smaller than those in the same period last year, said Andrew Nowinski, senior research analyst at Piper Jaffray.
“Even though the breaches are less complex, the fact that activity is still increasing is a good thing for the rest of the security industry,” Nowinski said. “As long as we’re seeing an increase in breach activity, that will translate into improving revenue growth over the next six to nine months.”
Nowinski said Piper Jaffray found there was an 80.9 percent correlation between the number of breaches and revenue growth for security companies. Revenue growth is usually seen two quarters after an escalation of incidents, the study found. That growth will be particularly strong in areas outside traditional perimeter technologies where enterprises have already invested, Nowinski said, citing email security, privileged account management, identity and access management, and endpoint security as examples.
While much of that growth is targeted at the vendors, Nowinski said solution providers should also expect to see a revenue bump from increased security incidents.
“There is a partner trickle-down,” Nowinski said. “The partners and the resellers still appear to be doing pretty well.”
Richard Delaney, CTO at Sloatsburg, N.Y.-based Delaney Computer Services, said that opportunity might be even bigger than Piper Jaffray is reporting, as he said he sees many more companies being unwilling to report security incidents and breaches. Delaney said his experiences working to bring security to small businesses have shown him that incidents are increasing, not decreasing.