It is widely agreed that the security software market is over $20 billion worldwide and that endpoint security software (aka antivirus) makes up the lion’s share of this revenue. After all, AV is an endpoint staple product bundled on new PCs, required as part of regulatory compliance, and even available for free from reputable providers such as Avast, AVG, and Microsoft.
Yup, AV software is certainly pervasive but traditional endpoint security vendors will face a number of unprecedented challenges to their comfy hegemony in 2014 for several reasons:
- Security professionals are increasingly questioning AV effectiveness. According to ESG research, 62% of security professionals working at enterprise organizations (i.e., more than 1,000 employees) believe that traditional endpoint security software is not effective for detecting zero-day and/or polymorphic malware commonly used as part of targeted attacks today. To quote Lee Atwater, ‘perception is reality’ when it comes to AV.
- Many organizations are already moving beyond AV. ESG research also indicates that over half (51%) of large organizations are planning to add new layers of endpoint security software in order to detect/prevent advanced malware threats. This means that enterprise companies aren’t waiting for AV vendors to catch up but rather spending on new endpoint defenses – likely with new vendors.
- The industry is turning up the heat. The AV market has been a cozy oligopoly dominated by a handful of vendors. This market is coming unglued as a combination of new threats and user perceptions is opening the door to an assortment of upstarts. The list includes smaller firms like Bit9, Cylance, Malwarebytes, and Triumfant as well as 800-pound gorillas like Cisco (with Sourcefire FireAMP, IBM (with Trusteer), and RSA Security (with ECAT). Oh, and let’s not forget red hot FireEye’s acquisition of Mandiant or Palo Alto’s purchase of Morta. These two firms are intent on leaving AV vendors in the dust as they pursue the title of “next-generation security company” (whatever that means).
Endpoint security certainly looks like a market in transition but don’t dismiss the old guard just yet. For example, McAfee and Trend Micro are integrating traditional AV with new types of advanced malware detection, prevention, and analytics. This may help them not only hold off the upstarts but also capitalize on new opportunities. In the meantime, the rest of the market is likely to adopt the “AV is dead” mantra in a big way.
So what happens next? Stay tuned. ESG’s endpoint security guru Kyle Prigmore and I will be tracking and reporting on market activity as things progress. It’s sure to be an eventful year!