|
|
 THE STAT 26Percentage of wireless customers who use their cell phones to take picturesMore Vitals
| |
NOVEMBER 19, 2002 SPECIAL REPORT: ENHANCING COMPUTER SECURITY A Tech Sector That's Set to Soar While overall IT spending is likely to slide next year, companies plan to buy plenty of security products from the market's top names
Dave King, director of business development for Cisco's security unit, says his group has delivered double-digit growth and outpaced most other Cisco lines of business over the past three years. Although competitors Check Point Software (CHKP ) and NetScreen (NSCN ) might dispute this, King claims that Cisco is grabbing market share. And analysts agree: Jeff Wilson, executive director of networking-equipment tracker Infonetics says Cisco has come from way back in the pack in firewalls, VPNs, and intrusion detection to become the No. 1 player in terms of total market share. "They have made signficant share gains, definitely gaining share year over year," says Wilson, whose tallies give Cisco 42% of the overall firewall and VPN market in hardware and software, followed by Check Point with 14% of the software market and a double-digit chunk of the hardware market. (The exact figures are difficult to ascertain because Check Point licenses its firewall to be resold by numerous dedicated security-appliance makers.) DOWN TO A BIG FEW. With success already under its belt, Cisco is stepping up the pressure. On Nov. 19 it unveiled a lineup of 12 new security products and services, from easier-to-use corporate firewalls to enhanced IDS packages. That follows its recent $12 million acquisition of Psionic in Austin, Tex., which makes software that Cisco claims can dramatically reduce the number of false intrusion alarms. "We intend to reduce false alarms by 80% to 90%," King says. "That's a technology that no one else has." As Cisco's strategy implies, the computer-security market is rapidly coalescing around a few big players, including firewall leaders Check Point and NetScreen, plus antivirus company Symantec (SYMC ). In the down economy, smaller companies that may have better technology but less staying power are struggling to land clients. Often, it's hard for them to attract big customers who need assurance that a supplier will be around to support is product. "If you're the chief information office of a Fortune 500 company, the risk of buying from a company that won't be here tomorrow has dramatically increased," declares Robert Thomas, CEO of NetScreen. Thus, big players are finding that it's possible to buy small ones on the cheap to fill out their product lines. Symantec was the champ in that regard in 2002. CEO John Thompson snapped up four small security players at a cost of $375 million in a headlong dash to get into the corporate security market, where Symantec has a strong antivirus product and a firewall popular with government buyers and small to midsize businesses, but not much else. LESS MIX AND MATCH. Even fast-growing firewall maker NetScreen, which has won kudos for its high-end products, decided that it needed to broaden its offerings and bought OneSecure for $40.1 million. Previously a NetScreen partner, OneSecure sells IDS products that it claims not only detect but also prevent hacker damage to a network. Of the Big Five security concerns, only Check Point and Internet Security Systems (ISSX ) didn't make major acquisitions in 2002. Just wait 'til next year, though, when industry experts expect consolidation to gain speed. "Customers would like to buy more than one security solution from a single company" rather than piece together the products of several suppliers, says NetScreen's Thomas. That idea gets a vote from Bob Justus, vice-president in charge of information security at Union Bank of California (UBOC ) in San Francisco, who says he's tired of having to integrate "a best-of-breed mix of products." This move to bigger, more diversified security suppliers is already affecting financing for startups. According to venture-capital researcher Venture One, VCs put $1.58 billion into 138 computer-security startups during the boom year of 2000. That fell 37.6%, to $986 million invested in 102 startups during 2001. In 2002, some 59 startups have gotten only $484 million through the first three quarters -- even though the computer-security market looks positively sparkling compared with the rest of the tech sector. "STRONG GROWTH." John Pescatore, senior analyst at market researcher Gartner Group, figures that in 2001, corporations spent on average 3.1% of their tech budgets on security. That will rise to 4.3% in 2002 and 5.4% in 2003 -- vs. the anticipated 0.03% decrease in overall corporate tech budgets, according to a November survey of 846 companies by Gartner and investment bank Soundview. "This is strong growth in a tough economy," says Pescatore. And it shouldn't end soon. Tech tracker IDC in Framingham, Mass., predicts that the global market will grow from $6 billion in 2001 to $14.6 billion 2006, IDC estimates. Those will be slower gains than in the mid and late '90s, but "nothing is growing as quickly as it used to, because of the economy," says Check Point President Jerry Ungerman. Sales tracker Infonetics says worldwide sales of firewalls and VPNs will remain flat at $2.7 billion in 2002 but should bounce up by 27% in 2003. Over the next 10 years, markets for firewalls and VPNs, both relatively mature products, should grow 10% to 15% on average. "There are only a handful of us left in those markets," adds Ungerman. Faster growth will come from advanced forms of protection, such as intrusion detection, plus tools that protect specific applications on corporate networks and vulnerability-assessment software and services. IDS is the star of the moment. According to Infonetics, IDS product revenues worldwide grew 42% in the second quarter vs. a year earlier, to $392 million. Infonetics expects this trend to continue apace for the next few years as more companies add IDS to their existing security infrastructure and the technology becomes easier to use. However, Gartner's Pescatore thinks many corporate customers will farm out this job because it can be so hard to master. INSIDE THE PERIMETER. A smaller sector with slightly slower growth is vulnerability assessment. That involves engaging tech experts to check a corporate network's security by probing and testing it. IDC puts the market for such services at $500 million in 2002, with sales of automated diagnostic tools probably making up 10% of the total, according Phillipe Courtot, CEO of Qualys, one of this market's leaders. "Why pay $150,000 for an annual vulnerability check by humans when you can pay the same amount or less for multiple checks using automated systems like ours?" asks Courtot. Another big growth area is protecting servers and desktop machines. Most companies large and small now use some form of perimeter firewall protection to protect their networks combined with antivirus software on mail servers and individual desktops. In fact, corporate antivirus software alone will be a $2.7 billion market by 2006, up from $1.2 billion in 2001, IDC estimates. Better yet, from a security company's viewpoint, antivirus protection is no longer enough. Corporate systems administrators feel that they must do a better job of protecting the soft underbelly of their IT infrastructure: Broadband users who log onto corporate networks from vulnerable home connections. That has made desktop firewalls mandatory for many companies, leading to big deals for suppliers such as San Francisco-area companies ZoneLabs and Sygate, as well as ISS subsidiary BlackIce. A FOREST OF FIREWALLS. "We're getting new inquiries every week. In the last six or seven months, we have won a lot of customers," says John DeSantis, CEO of Sygate. Both Sygate and ZoneLabs have gotten big venture financing in recent months, clear proof that investors believe the market is ripe for these products. So do corporate systems administrators who are looking at desktop protection as a way to help lock down increasingly decentralized corporate networks. "Initially, I started looking at laptop protection," says Jim Kirk, network security engineer for Wells Dairy, a Le Mars, Iowa , company with 2,100 employees. "A number of our laptop users started using broadband combined with VPN access, so we felt that we needed to protect those machines with Sygate desktop firewalls." Then in 2001, after the NIMDA and CodeRed worm-viruses snuck into many internal corporate networks, Kirk decided to look into putting a firewall on every company computer -- something he's still considering. That's a big shift compared with three or four years ago, when Kirk felt that he needed nothing more than antivirus protection on his company PCs. DUKING IT OUT. Not surprisingly, competition continues to build in such high-growth areas. NetScreen and Check Point are both trying to elbow into the desktop firewall market. Meantime, so-called management consoles -- which are designed to provide a single, easy-to-use interface for a wide variety of security technologies -- have also grabbed lots of attention. Symantec, NetIQ, and IBM's Tivoli unit are among the handful of companies now trying to attract clients in this market. "Things like management consoles are where the higher-value products will be when firewalls and other older classes of products are viewed as increasingly mature," argues Arvind Krishna, vice-president for security products at Tivoli. Out on the bleeding edge, in areas such as wireless security, competition is even fiercer. Upstarts that build security options for cell phones and wireless local-area networks are duking it out with established players such as Check Point and General Dynamics for a market that is still more promise than a reality -- with annual sales only in the tens of millions. That's set to blossom, however, as more cell phones begin to handle higher-speed data traffic and as wireless networks become standard on company campuses, where data used to travel only by cable. A coming wave of government contracts could also boost the computer-security industry in 2003, as money from the Homeland Security Act finally hits the ground. One thing is increasingly clear. As Internet usage continues to expand -- both across wires and through the air -- security seems to be one of the few sectors that's set to enjoy a strong upswing.  By Alex Salkever, Technology editor for BusinessWeek Online Get BusinessWeek directly on your desktop with our RSS feeds.  Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | NOVEMBER |
 Copyright 2002, Bloomberg L.P.Terms of Use | Privacy Policy |
Printer-Friendly Version