In the face of increasingly valuable applications, escalating threats, rising compliance pressures, more complex solutions, and a growing purchasing sophistication that demands real business return on information security investments, the security solution landscape is rapidly shifting. 

The straightforward application of separate, best-of-breed security “point” solutions no longer is adequate.  Both security technology and more effective overall IT management demand better integration in order to maximize security effectiveness and to contribute to the overall simplification and management of the IT fabric.  “Consolidation” is a word that’s frequently used by both vendors and users to describe the technical and customer solutions required to increase value while simplifying operation. 

These forces are emphasizing the system-level aspects of security: The integration and correlation of a broader source of event information; the definition and automatic evaluation of high-level policy definitions; the automation of as much of network and system operation as possible; the ability to systematically evaluate security vulnerabilities under modeled threats, and intelligently plan and evaluate potential mitigation and threat response strategies.

These driving forces are beginning to dramatically change the way security is interwoven into the infrastructure. 

Background

As network-connected and network-accessed applications became an important application model and of increasing importance to business operations, the need for, and importance of security solutions (starting with firewalls) has just grown and grown.  Despite the Dot Com meltdown and resulting IT recession, categories such as Firewalls and IDS saw revenues grow steadily throughout.  New and rapidly growing categories such as Security Incident Management, Vulnerability Management and Patch Management have emerged and taken off.  Even though overall venture capital investment was low during these years, security focused startups grabbed nearly $1B of new venture investment per year.  Well funded by revenue growth and additional investment when needed, during these years we saw evolution within existing product lines in all dimensions – increased functionality and bandwidth throughput as well as price/performance improvement and cost reduction. In the same timeframe communications suppliers such as Cisco and Juniper, and the platform companies such as Microsoft, IBM and HP kept upping their security investments and awareness in response to growing customer importance.

Market Drivers

The five big drivers behind the changing security landscape are these:

(1)  The increased value of information security assets being placed on IT systems and networks.

(2)  The rapid growth in the use and importance of network-enabled, server-based applications that necessarily service a geographically distributed, multi-organization user population.

(3)  The ongoing pressure on CIO’s to increase the effectiveness of IT and at the same time make it more cost effective.

(4)  The growing threat posed by increasingly sophisticated, “zero day,” and multi-faceted threats.

(5)  The overall size of the security markets and the structural investments by major platform vendors (such as Cisco’s network management initiative and Microsoft’s broad security enhancement investment).

The Bigger Picture – Security Integration and Automation

While customers have been pleased with the business success, re-investment and rapid evolution in security best of breed products, they are simultaneously dismayed by the growing complexity and stovepipe designs that often create as many problems as they solve and require ever increasing investments for staff education, system integration and operation. At the same time the business is making demands on the security team to contribute to initiatives like regulatory compliance or service level management.  Point solutions that are islands to themselves are increasingly technically ineffective and too complex and expensive to own and operate.