SIEM Gains as Consumer Security Software Fades
Security information and event management (SIEM) software fueled a robust global security software market in 2015 even as sales of consumer security software declined sharply last year, according to the latest accounting by market analyst Gartner Inc.
Gartner (NYSE: IT) reported this week that worldwide security software revenue jumped 3.7 percent over the previous year to $22.1 billion. Sales of SIEM software used to support threat detection and response to security breaches rose by a whopping 15.8 percent year-on-year as it gained market traction via its real-time collection and analytics capabilities. The analytics software is used to sift through a wide variety of event and contextual data sources to provide an historical analysis of security breaches.
Meanwhile, Gartner reported that global sales of consumer security software tanked in 2015, dropping 5.9 percent on an annual basis. Market leader Symantec (NASDAQ: SYMC) took the biggest hit, with annual revenues declining by an estimated 6.2 percent from the previous year.
Overall, leading consumer vendors registered a collective decline in revenues estimated at 4.2 percent in 2015. The declines for Symantec and second-ranked vendor Intel Corp. (NASDAQ: INTC) were attributed to a drop in consumer security and endpoint protection platform software. The latter combines device security functionality into a single capability that delivers antivirus, anti-spyware, firewall and host intrusion prevention.
Of the top five vendors ranked by Gartner, only IBM registered revenue growth last year on the strength of its SIEM sales along with its service business, which the market watcher noted also generates for its product segment. IBM (NYSE: IBM), which integrated its SIEM platform with market leader Resilient Systems last year, acquired the “incident response” specialist earlier this year.
"The below-market growth seen by these large vendors with complex product portfolios is in contrast to the market growth and disruption being introduced by smaller, more specialized security software vendors," Gartner research analyst Sid Deshpande noted in a statement releasing the revenue totals.
The sharp decline in consumer security software also reflects the growing sophistication of security breaches such as ransomware and the desire by more enterprises to detect and blunt attacks as they unfold. Businesses also are realizing that upfront investments in analytics-based approaches like SIEM may yield future savings as the cost of dealing with a single security breach can easily reach into the millions of dollars.
Hence, the core capabilities of SIEM technology are increasingly seen as a more comprehensive way of collecting data points on security "events" along with the ability to correlate and analyze those events across a range of data sources, Gartner noted.
So-called "operational intelligence" vendor such as Splunk Inc. (NASDAQ: SPLK) have recently released new versions of security and user behavior analytics packages. The new capabilities are said to combine the best features of machine learning and anomaly detection to sift through and prioritized data breaches and other threats.
Meanwhile, other emerging SIEM platforms are designed to automate security processes and policies used to respond to everything from insider attacks to lost mobile devices.