Security resellers bet on next year's success stories

As 2009 draws to a close, security resellers are placing their bets on what will be the growth hotspots of next year.

When CRN posed the same question last year (CRN, 15 September, 2008), some predictions turned out to be somewhat wide of the mark. Data leakage prevention (DLP) has failed to take off as VARs anticipated as end users baulked at the complexity of the technology.

However, in line with the forecasts, compliance has been a massive driver of spend in what has remained a relatively buoyant market. According to figures from Gartner, the global security software market will jump by eight per cent to $14.5bn (£8.7bn) in 2009 before growing by a further 13 per cent in 2010.

Watch out for leakage

David Hobson, managing director of VAR GSS, said that application security would be one to watch in 2010 but claimed DLP would also finally come to the fore.

“Data leakage has been disappointing,” he admitted.

“While we have sold some products in that space, the market is not yet able to understand it. People

have had the knee-jerk reaction and rolled out endpoint security, but have only saved one point of pain. There is more to the issue than that, and that’s where we think the growth will be next year.”

Rupert Cook, who heads up technology M&A activity for corporate finance firm Goetz Partners, agreed that DLP had been a flop.

“Some of the early DLP products were fiddly to use and did not give people the control they promised,” said Cook. “It is easy to see why people have been slow to adopt.”

Cook agreed that growth would finally kick in next year with new ‘granular DLP’ products from emerging vendors, such as Overtis, offering improved ease of deployment. Distributor Bell Micro also recently flagged DLP as a $4.5bn market opportunity by 2014.

Meanwhile, security VAR Imerja is among those betting big on security-as-a-service (SaaS) and has spent recent months shifting resources accordingly.

Marketing director Mark Evans said: “We have already made changes in our business to promote more managed services and complex hosting. It will help businesses drive down costs and increase efficiencies.”

Rob Gupta, managing director of VAR Secon, said: “One of the most rapidly growing areas for us is cloud computing.”

Cook said that SaaS has driven a rash of consolidation at a vendor level. This includes McAfee’s recent $140m acquisition of MX Logic, as well as Symantec buying SoftScan, GFI acquiring Katharion, and Barracuda’s acquisition of PureWire.

“M&A has picked up in the past few months having had a lull,” he said.

“The big guys such as Symantec and McAfee are very confident again. Everyone is doing as much as they can in the hosted space. People do not want the hassle of managing this sort of service themselves.”

I should CoCo

Elsewhere, Code of Connection (CoCo) compliance has forced public sector organisations to roll out endpoint security, intrusion prevention and log management technology, and has proved a huge earner for the channel in 2009.

“60 to 70 per cent of our business has been public sector this year and within that most had some kind of CoCo link,” said Jonathan Lassman, managing director at security reseller NTS.

“The problem is that from the middle of the second quarter margins for endpoint security have fallen off the face of the earth. All the anti-virus vendors have entered the space and trashed the market on price.”

Lassman said intrusion prevention would be big again in 2010 as just 30 per cent of organisations have deployed the technology, as would email hygiene.

“We have done $1m with Proofpoint this year and are looking to double that figure next year,” he said.

A shift in attitude among end users sparked rocketing demand for consultancy services in 2009.

VARs claimed the trend will continue in 2010 as firms are faced with an i ncreasingly complex threat landscape.

Garath Lauder, managing director of Data Integration, said: “We are seeing more services-driven requests from customers. There is a change from them saying, ‘can you provide us with something?’ to them asking us to help them become more efficient and consolidate technologies.”

Stuart Noad, marketing director at security integrator Vistorm, said: “Product now only accounts for 42 per cent of the market spend on in-formation security, the rest being made up of people and services indicating businesses are now more than ever turning to external experts for support.”