Menu
​Security strategies shift as detection and response priorities prevail

​Security strategies shift as detection and response priorities prevail

Spending on enhancing detection and response capabilities is expected to be a key priority for security buyers through 2020.

Enterprises are changing security spending strategies in 2017, moving away from prevention-only approaches to focus more on detection and response.

According to Gartner research, the shift in approach comes as worldwide spending on information security is expected to reach US$90 billion in 2017, an increase of 7.6 per cent over 2016, and to top US$113 billion by 2020.

Specifically, spending on enhancing detection and response capabilities is expected to be a key priority for security buyers through 2020.

“The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years,” Gartner Principal Research Analyst, Sid Deshpande, said.

“While this does not mean that prevention is unimportant or that chief information security officers (CISOs) are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability.”

Deshpande said that skills shortages are further driving spending on security services.

“Many organisations lack established organisational knowledge of detection and response strategies in security because preventive approaches were the most common tactics for decades,” Deshpande explained.

Skill sets are scarce and, therefore, remain at a premium, leading organisations to seek external help from security consultants, managed security service providers (MSSPs) and outsourcers.

According to Deshpande, the need to better detect and respond to security incidents has also created new security product segments, such as deception, endpoint detection and response (EDR), software-defined segmentation, cloud access security brokers (CASBs), and user and entity behavior analytics (UEBA).

Consequently, these new segments are creating net new spending, but are also taking spend away from existing segments such as data security, enterprise protection platform (EPP) network security and security information and event management (SIEM).

On the services side, Deshpande said the emergence of specialised managed detection and response (MDR) services is a threat to traditional MSSPs.

“The rising number of point solutions in the security market that address detection and response is creating sprawl and manageability issues for CISOs and security managers, driving spending for management platforms and services that are better integrated with adjacent markets,” Deshpande added.

As enterprises shift toward balancing prevention with newer detection and response approaches, Deshpande said CISOs are changing how they measure the success of security strategies.

All security investments are being measured on how they contribute to the shift in mindset.

Even preventive security controls, such as EPP, firewalls, application security and intrusion prevention systems (IPSs), are being tweaked to provide more intelligence into security operations, analytics and reporting platforms.

“CISOs are keen to communicate the return on investment of their security strategy in terms of the business value associated with quick damage limitation, in addition to threat prevention and blocking,” Gartner Research Director, Lawrence Pingree, added.

“The key enabler for CISOs in this endeavor is to get visibility across their security infrastructure to make better decisions during security incidents.

“This visibility will enable them to have a more strategic and risk-based conversation with their board of directors, CFO and CEO about the direction of their security program.”


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Gartnersecurity

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Kiwi channel comes together for another round of After Hours

Kiwi channel comes together for another round of After Hours

The channel came together for another round of After Hours, with a bumper crowd of distributors, vendors and partners descending on The Jefferson in Auckland. Photos by Maria Stefina.​

Kiwi channel comes together for another round of After Hours
Consegna comes to town with AWS cloud offerings launch in Auckland

Consegna comes to town with AWS cloud offerings launch in Auckland

Emerging start-up Consegna has officially launched its cloud offerings in the New Zealand market, through a kick-off event held at Seafarers Building in Auckland.​ Founded in June 2016, the Auckland-based business is backed by AWS and supported by a global team of cloud specialists, leveraging global managed services partnerships with Rackspace locally.

Consegna comes to town with AWS cloud offerings launch in Auckland
Show Comments