Embed Size (px)
Citation preview
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Security Trends to Watch in 2016Quantity and complexity of external threats increaseIBM HorizonWatch Trend Report – External Version
Sonya Gordon, Market Development, Senior Advisor - IBM SecurityMaureen Kelledy, Product Manager, bluemine – IBM SecurityBill Chamberlin, Product Manger, bluemine – HorizonWatchApril 10, 2016
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
About This Trend Report
10April2016
Purpose: The slides provide an overview on the I.T. Security trend
Content: Summary information about the I.T. Security marketplace, including trends drivers, spending trends, industry business cases, and adoption challenges. Also included are links to additional resources.
How To Use This Report: This report is best read/studied and used as a learning document. You may want to view the slides in slideshow mode so you can easily follow the links
Available on Slideshare: This presentation (and other HorizonWatch Trend Reports for 2016) will be available publically on Slideshare at http://www.slideshare.net/horizonwatching
Please Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
2 HorizonWatch Trend Report: I.T. Security (External Version)
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Security – Overview of Trend
Drivers A high profile security breach can cause major damage to a
brand Increased focus on Corporate risk management, governance,
compliance. Virtualization/Cloud = Separation of data user and data owner Growth in mobile, wearables, and IoT devices means new
endpoints. Mobile employees want access anytime, anywhere Increased threats, including malware, cybercrime, Phishing,
SPAM, bots Trusted Identity - trusted, privacy-enabling, shared and easy-to-
use identitiesInhibitors/Challenges Security is a barrier to cloud adoption, mobile, and IoT ROI is still not a true value of measurement of security
investment BYO Everything Increasing complexity of security environment Skills
Key Insights
10April20163 HorizonWatch Trend Report: I.T. Security (External Version)
Implications Increased pressure on the CISO
role to manage risk end-to-end across entire organization and every endpoint, every network connection
Increased need for skilled security professionals and service providers
Compliance will require continued investment
IT must understand implications of key trends such as cloud, mobility, social, big data, IoT, etc.
Encryption behind the firewall becomes a necessity
Biometrics continues to be an emerging technology that can be embedded into mobile solutions to enhance information security
Today, our world's infrastructure is both more sophisticated and more interconnected than ever before - linking vast amounts of information and services in new ways, but also introducing more security complexities and challenges in roughly equal proportion.
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Security: 5 trends to watch in 20161. Market growth. The security market continues to grow
as the result of increased number of endpoints, increased complexity and new external threats
2. Enterprises look to services vendor for help. Security services, especially professional services, are in increased demand. Network security services is a large segment. Expect strong demand for both mobile enterprise management and managed security services.
3. Enterprises reduce the number of security vendors with which they work. Enterprises will place a higher value on solutions from vendors with broad security portfolios.
4. Internet of Things applications create new security revenue opportunities. The increased security risk of IoT over pure IT systems remains a key challenge for IoT implementations. Enterprise look to consultants for help.
5. Demand increases for SECaaS. Customers are choosing cloud-based security services for improved flexibility and scalability of security functions. Expect interest in incident response services (e.g., detection and remediation) and SIEM as a Service in 2016. Source: MD&I HorizonWatch, TBR
“The global cyber security Market to grow from $106.32 Billion in 2015 to $170.21 Billion by 2020, at a Compound Annual Growth Rate (CAGR) of 9.8%.” MarketsandMarkets
“By 2017, 75% of large enterprises will receive custom threat intelligence information tailored to their industry, company, brand, and environment” IDC
Market Trends
10April20164 HorizonWatch Trend Report: I.T. Security (External Version)
Other views on 2016 Trends• CIO.com :
5 information security trends that will dominate 2016
• CIO.com: 9 biggest information security threats through 2018
• Forbes.com: Cyber Security Trends To Watch: 2016
• NetworkWorld: 5 cybersecurity trends to watch for 2016
• IT Business Edge: 10 Security Trends to Look for in 2016
• Gartner: Top Security Trends for 2015-2016
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
In 2016, look for increased demand for SIEM, IAM, mobile security and managed security services.
Market Trends
10April20165 HorizonWatch Trend Report: I.T. Security (External Version)
Security Intel/Event Management (SIEM): Demand for SIEMs in 2016 will go beyond simple log collection/correlation to include more intelligence and analytics.
IAM. IAM is being deployed more often as a service. Small businesses are deploying IAM solutions as a service due to limited IT resources, while larger businesses existing on-premises investments in IAM are beginning to consider IAM in the cloud.
Mobile security: As mobility security services begin to mature, more demand for blended managed and hosted security mobility services. Success depends on a combination of people, process, and technology
Managed Services. Enterprises increasingly expect a flexible blend of managed and hosted security services as well as varying levels of monitoring and management for different areas of their business.
“The IT infrastructure is under constant attack from a variety of players from mischief-makers to nation states and everyone in between. The cybercrime environment is most interested in committing financial fraud, data theft, corporate espionage, and disruption or destruction of infrastructure and processes.”- IDC
“The increase in security spending is being driven by government initiatives, increased legislation and high-profile data breaches. Security testing, IT outsourcing, and identity and access management present the biggest growth opportunities for technology providers.”- Gartner
Solutions Review: Three Big Takeaways From Gartner’s 2015-2016 SIEM Critical Capabilities Report
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Trends to watch within selected vertical industries
Prepared by TBR, Inc.
Market Trends
10April20166 HorizonWatch Trend Report: I.T. Security (External Version)
• Retail. The significant and widely publicized breaches at Target and The Home Depot raised risk awareness and spurred more security spending in the retail industry. Retailers’ OEM partners, including point of sale (POS) manufacturers, and suppliers are also motivated to invest in security controls to maintain their relationships with retailers.
• Healthcare. Because medical records cannot be cancelled like credit cards, they have a high value to cybercriminals. Breaches against healthcare providers are frequently attributed to highly organized, well-funded criminal organizations, compelling healthcare companies to expand their advanced threat detection projects.
• Banking. The biggest security challenge for banking customers is assessing the security capabilities of their third-party business partners. To decrease risk of attacks that originate in third parties’ infrastructures, banks will increase spending on products and services that help them monitor the security postures of third parties.
• Telco. Telecommunications operators are increasingly targeted by hackers and hacktivists that aim to disrupt phone and Internet service for millions of consumers and businesses. While most operators have established strong security controls, they still face significant risks in their supply chains, including partners’ security infrastructure sourced from manufacturers in different countries.
“Security features are rapidly being embedded into business applications. By 2018, 25% of security applications that were previously purchased independently will be incorporated directly into business applications.”- IDC
“Enterprises and organizations are engaged in a constant arms race with the attacking elements and generally the perception is that the offense is winning.”- IDC
HIN: Infographic: 2016 Healthcare Privacy & Security Outlook
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Staffing shortages, cloud security concerns and international security laws continue to inhibit adoption of security solutions
Security staffing shortages. Nearly two-thirds of organizations worldwide report challenges hiring skilled IT security professionals. Security staffing shortages are especially pronounced in the U.S., where demand for security professionals will grow by 53% through 2018.
Cloud security concerns. Cloud security concerns persist, with many enterprises so concerned about security breaches that they don’t invest in the underlying cloud technology.
International privacy and data location regulations. There are hundreds of different laws around data collection, processing and transfer as well as breach notification in different countries, making it difficult for organizations to execute a security strategy that will be acceptable in all regions.
Source: MD&I HorizonWatch, TBR, Inc.
“The information security workforce shortfall is widening. In this year’s survey, 62% of the survey respondents stated that their organizations have too few information security professionals.” (ISC)²: Global Information Security Workforce Study
“For all types of cloud environments, security remains the top concern across the board. For firms not using cloud, 75% said security concerns were preventing their organization from using public cloud platforms” Forrester: Benchmark Your Enterprise Cloud Adoption
Adoption Challenges
10April20167 HorizonWatch Trend Report: I.T. Security (External Version)
Ponemon: Understaffed and at Risk: Today’s IT Security Department
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
The security job roles in organizations continue to be a challenge to fill with offering a competitive salary being one of the top inhibitors
“Organizations represented in this research find it difficult to find or keep staff . Primarily it is the inability to offer competitive salaries and lack of internal resources or adequate budget. “ Ponemon Institute
Adoption Challenges
10April20168 HorizonWatch Trend Report: I.T. Security (External Version)
“The IT security function is understaffed. Seventy percent of respondents say their organizations do not have enough IT security staff. “ Ponemon Institute
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Security – Selected Analyst Information and Resources
451 Research: Security ABI Research: Security and Digital Security Forrester:
Security Research Security Blog Posts
Frost & Sullivan: Network Security Gartner:
Security and Risk Management Security Blog posts Security and Privacy Information Security
IDC: Security Products and Services Security and Business Continuity, Security Research Search for Security IDC FutureScape
: Worldwide Security 2015 Predictions
Gartner
Featured Links
10April20169 HorizonWatch Trend Report: I.T. Security (External Version)
“20% of security markets will shift protecting people and their assets to securing “things” that communicate among themselves without direct human interaction.” – IDC Security Infographic
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Security – Selected Media Websites and Other Resources
CIO.com: Security ComputerWorld: Security Economist: Defending the digital frontier eWeek: Security Forbes: CyberSecurity and Security InformationWeek: Dark Reading Infotech: Security InfoWorld: Security Network World: Security Research Center NY Times: Search VentureBeat: Security Whitehouse.gov: CyberSecurity Wired: Security
10April201610 HorizonWatch Trend Report: I.T. Security (External Version)
“Interest in security technologies is increasingly driven by elements of digital business, particularly cloud, mobile computing and now also the Internet of Things, as well as by the sophisticated and high-impact nature of advanced targeted attacks.”- Elizabeth Kim, research analyst at Gartner
“By 2016, 25% of large enterprises will make security-related spending decisions based on analytical determinations of risk.”- IDC
Security Intelligence: 2016 IBM X-Force Report
Featured Links
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Security – Selected IT Vendor & Consultant Websites & Resources
Accenture: Security Services Amazon Web Services: Security and Compliance Center Booz Allen: Cyber Solutions Cisco: Security Deloitte: Cyber Security Services EMC: Security Google: Application Security HP: Security and Risk Management IBM: Security and Security Software and
Chief Information Security Officer Microsoft: Security Tech Center Oracle: Security Solutions PWC: Managing cyber risks in an interconnected world SAP: Application Performance & Security Tata Consultancy Services: Managed Security Services VMware: Security and Compliance Wipro: Enterprise Information Security
IBM: Security Redbooks
10April201611 HorizonWatch Trend Report: I.T. Security (External Version)
“Expect increased investment in emerging offerings, such as endpoint detection and remediation tools, threat intelligence and cloud security tools, such as encryption.”- Gartner
“By 2017, 90% of an enterprise's endpoints will utilize some form of hardware protection to ensure that endpoint integrity is maintained.”- IDC
Featured Links
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Security – Selected Social Media Sites and Searches
Facebook Security page Google Blog Search: Cybersecurity Google+ Communities Search: Security LinkedIn Group Search: Security IBM IBM Security Intelligence Pinterest Search: Information Security and
Cybersecurity Slideshare: IT Security and Information Security
and Cybersecurity Twitter: Search on hashtags: #security /
#cybersecurity / #infosec YouTube:
Information Security Playlists / Channels CyberSecurity Playlists / Channels
Wikipedia: Information Security and CyberSecurity
Information Security playlists YouTube
10April201612 HorizonWatch Trend Report: I.T. Security (External Version)
Featured Links
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Security – IBM Resources and Linksibm.com links IBM Security: www.ibm.com/security/ Services: IT Security Services / Secure Engineering
/ Resiliency Services Software: IBM Security Systems: Security Cloud Computing: Cloud Security developerWorks: Security x-Force: X-Force IBM Redbooks: Security
IBM Social Media Platforms Social Aggregator: Security Community: IBM Security Intelligence Twitter: @ibmsecurity and @ibmxforce - hashtags:
#ibmsecurity and #infosec Blogs: Security Intelligence Blog / X-Force /
CISO Corner YouTube: IBM Security LinkedIn Group: IBM Security (7,434 members) Slideshare: IBM decks tagged Security
10April201613 HorizonWatch Trend Report: I.T. Security (External Version)
IBM Security video: Collaborate for Better Cybersecurity Defenses
“Cybersecurity is more than an IT concern, it requires engagement from across the business. However, many executives are either unclear on the risks or not sufficiently engaged in threat management.” IBM: Cybersecurity perspectives from the boardroom and C-suite
Featured Links
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
Selected links to additional resources
1. Baker Hotstetler: 2015 International Compendium of Data Privacy Laws
2. CIO.com : 5 information security trends that will dominate 2016
3. CIO.com: 9 biggest information security threats through 2018
4. Forbes.com: Cyber Security Trends To Watch: 2016
5. Gartner: Top Security Trends for 2015-2016
6. InfoWorld: Why hackers want your healthcare data most of all
7. ISC Global Information: Security Workforce Study
8. IT Business Edge: 10 Security Trends to Look for in 2016
9. NetworkWorld: 5 cybersecurity trends to watch for 2016
10. Ponemon Institute Ponemon Institute 2015 Global Study on IT Security Spending & Investments
11. PwC: PwC Global State of Information Security 2016
12. Verizon Wireless: 2015 Verizon Data Breach Investigation Report
10April201614 HorizonWatch Trend Report: I.T. Security (External Version)
Featured Links
© 2016 IBM Corporation
IBM Market Development & Insights
Note: This report is based on internal IBM analysis and is not meant to be a statement of direction by IBM nor is IBM committing to any particular technology or solution.
More Insights on Technology Trends are Available
15
Other slide decks in this IBM HorizonWatch 2016 Trend Report series have been posted to Slideshare
You are also invited to check out the following IBM websites and resources– IBM Academy of Technology– IBM Center for Applied Insights– IBM Institute for Business Value– IBM Research and Research News and 5 in 5– IBM’s THINK blog
10April2016 HorizonWatch Trend Report: I.T. Security (External Version)
