Security Software Still a Booming Biz

The worldwide security software market is on pace to reach $3.2 billion in 2000, a 22 percent increase over 1999 revenue of $2.5 billion, according to Gartner Group’s Dataquest Inc.

Dataquest also predicts the market to grow at a compound growth rate of 21.7 percent through 2004 when revenue will surpass $6.7 billion.

The security software market is made up of multiple disciplines, and few vendors focus on only one aspect of the market. Management framework vendors such as Computer Associates, IBM/Tivoli and Hewlett-Packard are increasing the focus on security in their core offerings.

“With the Internet offering new opportunities for intrusion and distribution of malevolent code, and with it also offering new opportunities in the skyrocketing e-commerce space, software vendors are looking to strengthen and expand their security software offerings,” said Carolyn DiCenzo, chief analyst for Gartner Dataquest’s Network, System and Storage Management Software Worldwide program. “Services will become more important in support of security products, but also as a way to deliver solutions to customers.”

Top 10 Viruses of September
1. VBS/LoveLetter.worm
2. IRC/Stages.worm
3. W32/MTX@MM
4. W97/Marker.gen
5. W32/Pretty.worm.gen
6. W97M/Ethan.a
7. W97M/Thus.gen
8. W32/Fix
9. W97M/Class
10. W97M/Melissa.a@MM

Antivirus products represented 31 percent of the security software market in 1999, led by Network Associates with 43.8 percent of the market. Symantec came in second with 33.8 percent, and Trend Micro third with 11.9 percent share. Looking at the portion of the security market without the antivirus products included found IBM and Computer Associates vying for the top slot with 22.6 and 22.3 percent market share, respectively.

“As Internet and e-commerce applications mature, security will gain increased focus, creating more opportunity for vendors,” DiCenzo said. “Vendors of point solutions that are not best-of-breed need to widen their portfolios to address the limited market for suite-type solutions or look for merger or acquisition partners.”

E-mail viruses are growing in number along with email users, according to data collected by

“Clearly, we are seeing that as the popularity and dependence on email grows, virus activity is keeping pace,” said Brad Schrader, president of Business Management Services. “This quarter has seen a variety of high profile and new threats to businesses, including the ‘Stages’ worm; ‘Phages’, a virus for the Palm, and even ‘Love Letter,’ a virus that nearly everyone in the world has heard of but is coming back strong.”

The “Stages” virus usually comes in an email joke about the male and female stages of life.

According to “The 2000 Information Security Industry Survey” published in Information Security magazine, the number of companies spending more than $1 million annually on computer security nearly doubled in the past year, and security budgets are up 188 percent over the last two years.

“Results of this survey prove that spending millions of dollars adopting security practices doesn’t guarantee effectiveness,” said Andy Briney, editor-in-chief of Information Security and lead analyst on the survey. “CEOs and CIOs need to focus on security solutions that fit their specific network needs. A large dollar amount alone will never guarantee network safety.”

According to the survey, companies will also need to pay more attention cybersabotage. Compared to 1999, nearly twice as many companies experienced insider attacks related to the theft, sabotage or intentional destruction of computing equipment this year. Meanwhile, the number of organizations in which employees intentionally disclosed or destroyed proprietary corporate information increased by 41 percent.

Not surprisingly, companies conducting B2B or B2C e-commerce are at higher risk of attack, according to the survey. E-commerce sites experienced more attacks in 15 out of 16 categories measured by the survey. For instance, companies conducting e-commerce were twice as likely to have their Web servers attacked by hackers.

The study also found that the best defense against security attacks and incidents is a layered defense: the use of overlapping computer technologies to detect and react to security breaches and incidents. Companies deploying multiple computer security tools detect a far greater number of attacks than those using fewer security controls.

Related reading