The Australian security technology and services market is forecast to hit $1.7 billion in 2013 due to the expansion of the technologies enterprises use to improve their security, according to a new Gartner report.
The Future of Global Information Security study forecast that the Australian market will increase 12.2 per cent this year, up from $1.5 billion in 2012.
According to Gartner UK research director Ruggero Contu, security remains one of the top IT concern areas.
"The consistent increases in the complexity of targeted attacks, coupled with the necessity of companies to address regulatory or compliance-related issues continue to support healthy security market growth,” he said in a statement.
More DDoS attacks will be application based: Gartner
Security threats explained: Social engineering
AusCERT 2013: Deploying BYOD in a government environment
Contu added that there are three main trends driving investment: mobile security, big data and advanced targeted attacks.
He said bring your own device (BYOD) is a mega-trend that will have a “far-reaching influence” on the entire security industry.
For example, the shift from device to app/data security meant that there is a chance for some security technology service providers to capture endpoint protection budgets.
“Secondly, since some BYOD projects are centred on the productivity gains of one to two apps, there could be buying centres adding security outside of traditional information technology centres,” Contu said.
According to Gartner US research director Eric Ahlm, the amount of data required for information security to detect advanced attacks will grow rapidly over the next five years.
To support the need for security analytics, changes in information security people, technologies, integration methods and processes will be required. This would include security data warehousing and an emerging role for security data analysts, he said.
Turning to advance attacks, Gartner US research director Lawrence Pingree said that attackers are now capable of maintaining footholds inside an organisation once they successfully breach security controls.
“Attackers look for ways to remain persistent on the target organisation's internal network either through the use of malware or, even if the malware is detected and removed, via post malware use of user credentials gathered during the period of time the malware was active,” he said.
“They then change their tactics to secondary attack strategies as necessary, looking for other ways around any internal security controls in the event they lose their initial attack foothold.”
According to Pingree, enterprises should employ a defence-in-depth, layered approach model. He said the layered approach is often managed in independent ways to accomplish stated security goals, namely to detect, prevent, respond and eliminate.
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia