The IDC FutureScape is an important compilation of several disciplines within IDC’s research sectors distilling insights from IT, cybersecurity, analytics, managed security services, identity and access management, and data and digital security. The perspective is global, and analysts from different global regions participated in the study. Each prediction is designed to demonstrate an outcome, although the limit of the study are predictions made through January 1, 2024. The larger goal of the exercise is to provide guidance for IT technology providers and for technology providers to best utilize their personnel, maximize the impact of current investments (and plan future investments), and improve their cybersecurity postures.
From 2017 and into 2018, three tectonic shifts are shaping security strategies. The concept of identity is front and center. Identity has ramifications including anonymity (is anonymity a right or is it even possible?), as an entity, as a set of behaviors and, for security teams, as personally identifiable information (PII) that has legal ramifications and carries indemnity if PII is breached.
The second shift is furthering the use of analytics. Analytics is a broad term, but in a security context, 2017 was a transitional year. User entity and behavioral analytics (UEBA) is becoming ubiquitous in endpoint, security point products, and managed security service platforms and is used to establish a pattern of behavior of entities on a network; this is needed because malware often goes undetected and behavioral anomaly is the last chance to detect an indicator of compromise (IOC). Analytics are used to provide insight to log and flow data in devices where agents cannot be deployed, which is increasingly important in the emergence of Internet of Things (IoT). Security analytics are used to collect alerts, reduce false positives, iron out redundant alerts, and refine alerts to produce an actionable version of the truth. Last, analytics can be predictive — optimally, analytics can be used to anticipate a type of attack witnessed against one network but then use the information to initiate a set of defenses against other potential targets.
The last shift is that security concerns extend to software containers. The term SecDevOps is used to describe software containers and application environments that security or IT teams use to write custom applications. Software developers are a different breed and often do not wish to work within the confines of company protocols preferring agility over security. However, a buggy app can be as much as 10 times more difficult to patch than secure software that may have vulnerabilities. In addition, if there is a problem in memory (misconfiguration, leaks, or poorly designed garbage collection logs), then false positives accrue. Rightly, the security and operations (SecOps) stack begins at the time of application development.
IDC’s predictions for the 2019 worldwide security products and services market are:
- Prediction 1: By 2022, enforcement of PII laws will severely impact at least 1 G2000 firm by imposing a huge fine and restriction of trading, raising C-suite concern, and inducing annual reporting on digital risk.
- Prediction 2: By 2021, fully 50% of legitimate security alerts will have an automated response, untouched by human analysts.
- Prediction 3: 90% of managed security services customers will adopt threat life-cycle services by 2024, rising from 50% in 2019.
- Prediction 4: By 2024, quantum computing will have evolved enough that 25% of nation-states will have the means to decrypt current public key infrastructure technologies.
- Prediction 5: By 2024, 20% of digital personae are linked to a verifiable government identity.
- Prediction 6: In 2019, there are roughly 1,400 companies offering cybersecurity services or products of significance; by 2023, the number of cybersecurity companies will drop by nearly 40% from 2019.
- Prediction 7: By 2021, demand for key management as a service will rise by 20%, with an emphasis on native encryption services from public cloud providers.
- Prediction 8: By 2022, anonymity will only exist on the dark web; 100% of those conducting commerce or social activities will be either pseudonymous (identity protected but available with court order) or identified.
- Prediction 9: By 2024, the United Nations will endorse an “internet blockade” as an economic sanction against at least one violating country or regime.
- Prediction 10: By 2023, data migration projects associated with adoption of big data analytics platforms will prompt security teams to eliminate siloed and encryption solutions and consolidate 30% of encryption spend.
This IDC study presents the top 10 predictions for the 2019 worldwide security products and services market.
“We see this as a complicated time for IT and security practitioners as the complexity of networks is changing, the adversary becomes better equipped, protection of identity is requisite, and compliance becomes enforceable,” said Christina Richmond, program vice president for IDC Security Services. “We also see this as a time of opportunity as businesses have various options in products and services that enable them to shape a precise cybersecurity posture that is fiscally attractive and addresses the needs of both security and operations.”
Learn more about the 2019 Security Products and Services Predictions
For context around these predictions, including the IT impact and guidance on how to integrate each prediction in the digital strategy of the enterprise, view the IDC FutureScape: Worldwide Security Products and Services 2019 Predictions web conference on-demand.
Christina Richmond, Program Vice President, IDC Security Services