Security-as-a-service model gains traction
27 April 2017 | 0
With mid-market companies feeling an increasing need to devote time and resources to network security, the security-as-a-service model is gaining traction, according to new research released yesterday by 451 Research.
“The security challenge for mid-tier businesses is multi-dimensional,” Daniel Cummins, analyst at 451 Research, said in a statement. “For these businesses, everything seems to be increasing—attack frequency, compliance requirements, complexity, costs and the number of security products that need to be managed. Cloud-based security-as-a-service offers potentially significant advantages in terms of simplicity and access to security that may prove to be less complex and expensive than traditional approaches.”
Eighty-two percent of study respondents said they spend 20 to 60 hours a week of in-house staff resources to procure, implement and manage security products. Nearly 75% of respondents said they dedicate three to five full-time employees to manage their security. The financial hit to these businesses averaged $178,000 (€163,000) annually just for network security, representing 39% of an organisation’s total IT budget.
Respondents also indicated that they expect the financial burden of network security to continue to increase. 451 Research concluded network security spending will grow nearly twice as fast as overall IT security spending over the next five years. It projects a compound annual growth rate (CAGR) of 8.9%, from $2.4 billion (€2.2 billion) in 2016 to $3.5 billion (€3.2 billion) in 2021. Forty percent of the survey respondents projected their spending on network security would increase 10 to 20% in the next 12 months.
Nearly 40% of the survey respondents said their security workload is currently managed by part-time employees, contractors and Managed Security Service Providers (MSSPs). But things seem to be swinging in favour of a security-as-a-service model: Seventy-two percent of survey respondents said they have a preference for security-as-a-service, compared with nine percent who preferred MSSP and 19% who preferred on-premises solutions for managing security.
Urgency of demand
“We thought there would be a preference for the ease and simplicity of security-as-a-service solutions, but we were genuinely surprised by both the degree and urgency of the market demand,” Ken Ammon, chief strategy and technology officer, OPAQ Networks, said in a statement. “Eighty-seven percent of respondents said their timing for migrating to this type of network security delivery model was within a 12-month time frame. MSSPs are and will continue to play an important role in advising and supporting incident response, but this study reveals that MSSPs should look to leverage cloud-based solutions in order to deliver what the market is demanding.”
451 Research study also found the following:
- Data loss prevention, network access control and encryption are the most sought-after cloud-based security capabilities, followed by threat management, application control, SSL decryption and URL filtering.
- Threat management and branch office enablement and optimisation were the top cloud-based security use cases cited by respondents, followed by multiprotocol label switching (MPLS) displacement, MSSP displacement, on-demand security and securing SaaS applications.
- More than 60% of respondents cited legacy IT as the greatest barrier to improving visibility and control within their networks, followed by lack of budget (27%).
IDG News Service