Security partners say they're seeing a significant opportunity around identity and access management, and believe the next step in exploiting it is to expand into DevOps.
"Where we are seeing wallet with customers is around identity and access management. Those customers are racing to identity solutions, and DevOps is driving a lot of that… There's a lot of tail winds around DevOps and access management," Aubrey Turner, client solutions advisor for Identity and Access Management at Denver-based Optiv Security, said.
Scott Whitehouse, vice president of channels and alliances, Americas at Newton, Mass.-based CyberArk, agreed, calling DevOps the "next horizon" for the identity and access management market. He said that opportunity will accelerate as more companies start to use DevOps and new applications as a revenue driver.
"As soon as you extend [security] into DevOps, the next thing you realize is that… the security risk is ongoing," Whitehouse said. CyberArk doubled down on this opportunity in May with its acquisition of Conjur.
The identity and access management is expected to reach $14.8 billion by 2021, up from $8.1 billion in 2016, according to research firm MarketsandMarkets. That represents a combined annual growth rate 12.9 percent. Partners spoke with CRN about the identity and access management market at an exclusive roundtable, held at CyberArk's Impact 2017 conference, held in Boston this month.
However, partners said it's still early for the opportunity to bring identity and access management and privileged account management (PAM) to DevOps. Optiv's Turner said the "majority" of customers are still focused on locking down the basics when it comes to IAM and PAM, with some of the more mature security customers starting to look at DevOps as the next step in that area.
"It's sort of the looming challenge and we will get more of those customers. We are still helping some clients with the more fundamental controls," Turner said.
Chris Hall, partner at PricewaterhouseCoopers, said he also sees customers focusing on "fundamental hygiene" around IAM and PAM, especially after recent ransomware outbreaks. However, he said DevOps is the "next evolution of the conversation."
Hall said the move to bring security into the DevOps process means that different teams within customer organizations need to come together. He said channel partners can play a critical role in helping customers have those conversations by sitting the security, infrastructure, operations, and DevOps teams at the same table.