IT-Sicherheit

Network Security Report

20.03.2003

Market Analysis

Butler Group has analysed the market drivers and identified eight major areas that are pushing customers to desire and purchase IT security solutions. The first driver we have identified is hype - both the press and IT security vendors love to report stories of security breaches and imply that security is severely lacking in all organisations. From the perspective of the press it is an easy story to write, and one which readers are likely to be interested in. There are also political reasons for highlighting particular stories, an excellent example being the repeated reporting of breaches on MicrosoftMicrosoft products. We strongly believe that the reporting on Microsoft is not a fair representation of security breaches as a whole. Some vendors seize on these reports and use them to exploit the fears of customers. Alles zu Microsoft auf CIO.de

Most of the other drivers are more positive, looking at factors such as the increasing connectivity between organisations and their customers, partners, and suppliers. Legislation is another driver, pushing businesses to ensure they are protecting customer data as much as possible. The development of standards is important - most software vendors have adopted those interim standards already developed, and as they are enhanced, technology will be driven forward.

Following on from the market drivers, we have found that there are a number of adoption issues surrounding the use of IT security. Many companies today look for an ROI on any investment, and IT security is no different. However, it is extremely difficult to calculate ROI on security projects, as the traditional calculations cannot really be used. The most appropriate view to take is one of insurance: without IT security your business is uninsured against attack. A gradual approach to the adoption of IT security is likely to be taken by most customers. This results in a modular approach being preferred and vendors are looking to address this by providing interoperable modules (OPSEC, the Open Platform for SecuritySecurity, is a good example here). Ease-of-use is a crucial part of any security solution and those that are unnecessarily complex are unlikely to achieve widespread adoption. Alles zu Security auf CIO.de

Moving on to what Butler Group expects to happen in the short-, medium-, and long-term, we believe that of the three technology types reviewed, AV is the one with the most uncertain future as a standalone product. Pure-play vendors that are solely dependent on AV functionality must either capture and maintain best-of-breed status, and partner with other technologies, or face a bleak future. Firewall and IDS technologies will continue to increasingly overlap in functionality, but will remain largely separate markets. Application developers are likely to continue in their production of insecure software in the immediate future, guaranteeing the continued success of the security market as a whole. At the moment it is too early to worry about Web services or wireless networks, as in their separate ways these are not really mature enough for hackers to pay serious attention to them. However, their use in conjunction with production networks should be strictly controlled.

Der vollständige Bericht kann bei der Butler Group bestellt werden.

Zur Startseite