Here are some trends to keep an eye on (in no particular order):
1. Intuitive User Experience Influencing Buyers There is a shift among IT administrators’ priorities when it comes to user interfaces and ease of access. While many admins could historically be counted on to value technology above all else, vendors are noticing that admins have less patience for even the most excellent technology if it requires a lot of heavy lifting to implement or manage. Thus, many vendors are attempting to reduce the number of clicks between an admin and the relevant data, or use 3D graphics to display data, or simply integrate third-party tools, which are fixes primarily aimed at improving the user experience.
2. Consolidation of Products as a Time-saving Device This is much related to the first point. IT admins no longer have enough time in the day to manually piece together a bunch of different products/tools from different vendors. While many still do this, ESG is hearing vendors talk about the rise of the “suite sale,” in which a technically inferior product can win out over a technically superior competitor by combining many tools into a centrally managed interface. In other words, a suite can be greater than the sum of its parts.
3. Intelligence Aggregation IT admins are thirsty for data, but only if that data is useful. Something like always-on packet capture is both burdensome on the system and useless if there is no way to prioritize the data. Fortunately, there are a crop of vendors getting extremely good at sorting through data and spitting out threat intelligence; unfortunately, they do not often work together. Vendors who allow third-party intelligence to be integrated into their own product feed are very appealing as a temporary solution to the problem. Vendors who refuse to allow for simple intelligence integration risk isolation/alienation.
4. Skills Shortage All of these themes point back to a lack of security skills in the market. Security experts are hard to find, and expensive to hire. Simultaneously, the number of endpoints that require protecting is skyrocketing and the sophistication of malware is increasing. The result is that security divisions are overworked, which is why they are trending toward simpler interfaces and efficient suites and simple integration/aggregation of threat intelligence. They need to save time on the implementation and management side so that they can focus on other things, be it firefighting or preventative maintenance or any other task that gets neglected when the proper tools are not in place or take too much manual labor to be useful.
BYOD is changing security, and the tools the IT admins need to manage the endpoint explosion need to be simple, efficient, and cooperative. It will be interesting to see how vendors respond to this challenge in 2014.