DevOps, Cloud Changing the Security Market – Report

The emergence of public cloud, SaaS and DevOps is changing the way IT purchases security for the enterprise, according to Gartner.

Scott Ferguson, Managing Editor, Light Reading

August 16, 2017

3 Min Read
DevOps, Cloud Changing the Security Market – Report

The emergence of cloud computing, especially public cloud services and software-as-a-service (SaaS), and the move to DevOps is changing the way IT is purchasing security for the enterprise, according to a new report.

Security services is now the fastest-growing segment of this market, thanks to the increasing adoption of public cloud, which is also reducing the need to rely on traditional hardware to secure the networking and infrastructure, according to a report Gartner released on Wednesday.

Overall, the global security product and service market is growing at a healthy pace. In 2017, it is expected to reach $86.4 billion -- a 7% year-over-year increase. That number is then expected to grow to $93 billion by 2018.

However, a closer look at the report shows how different emerging trends in the cloud are altering how IT approaches security and what administrators are willing to invest in to protect the network and infrastructure.

Figure 1: Locking it down is never easy (Source: TheDigitalWay via Pixabay) Locking it down is never easy
(Source: TheDigitalWay via Pixabay)

The industry has understood for years that cloud is changing the way businesses of all sizes purchase software -- switching from long-term commitments to on-demand needs. This is also true in security, as enterprises move away from traditional, hardware-based security as more workloads move to public cloud providers, which provide security on their end, as well as SaaS, where the provider updates the software and makes security patches.

At the same time, the move to DevOps, which looks to speed up application development and delivery, has enterprises spending more on app security testing tools such as interactive application security testing (IAST).

This echoes another report released in July by DigiCert, which found that more enterprises are trying to ingrain security practices into the DevOps process much earlier to ensure that applications are developed with security in mind. (See Enterprises Look to Bake Security Into DevOps – Study.)

In order to deal with this shift is security, Gartner finds that many businesses are turning to managed security services, which demonstrates that businesses are investing in outside consulting services, as well as outsourcing some security functions to third parties.

Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.

The report found that in the next three years, about 40% of managed security services will be bundled with other security services and IT outsourcing projects. This bodes well for companies such as Rackspace, which are offering security managed services as it manages public and private clouds for customers. (See Rackspace Wants to Encrypt Customer Data in the Cloud.)

Finally, there are new government rules, regulations and compliance that enterprises need to follow, but are complicated as data moves from on-premises data centers or private clouds to public clouds. The European Union's upcoming General Data Protection Regulation (GDPR) rules have more businesses investing in data loss protection (DLP) services, as well as add-ons such as data masking and data discovery. (See IBM Targets Data Governance as Europe Eyes More Privacy.)

"Rising awareness among CEOs and boards of directors about the business impact of security incidents and an evolving regulatory landscape have led to continued spending on security products and services," Sid Deshpande, a Gartner analysts, noted in the August 16 report.

Related posts:

— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.

About the Author(s)

Scott Ferguson

Managing Editor, Light Reading

Prior to joining Enterprise Cloud News, he was director of audience development for InformationWeek, where he oversaw the publications' newsletters, editorial content, email and content marketing initiatives. Before that, he served as editor-in-chief of eWEEK, overseeing both the website and the print edition of the magazine. For more than a decade, Scott has covered the IT enterprise industry with a focus on cloud computing, datacenter technologies, virtualization, IoT and microprocessors, as well as PCs and mobile. Before covering tech, he was a staff writer at the Asbury Park Press and the Herald News, both located in New Jersey. Scott has degrees in journalism and history from William Paterson University, and is based in Greater New York.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like