Despite the many buyouts in the security software sector between 2006 and 2010, the market share held by the five biggest vendors over that period actually fell.
According to analysis by research firm Gartner, the collective slice of the security software market held by Symantec, McAfee, Trend Micro, IBM and the fifth biggest vendor fell from 60 percent in 2006 to 44.3 percent last year. (CA was number five in 2006 and EMC held that spot in 2010).
In a paper, Market Trends: an ever-consolidating security market never consolidated, Gartner analyst Ruggero Contu notes when consumer security software is removed from the figures, the enterprise software security market is even more fragmented, with just 35 percent held by the top-five vendors.
This is in contrast to enterprise software overall, in which the biggest five vendors have 55 percent of the market. (The overall enterprise figure is calculated by taking the average from all markets monitored by Gartner, such as security, ERP, CRM and others.)
The level of fragmentation in the enterprise security software market is even more notable when the number of acquisitions by the big five over the 2006-2010 period is taken into account; major buyouts during that time include Symantec’s purchase of MessageLabs in 2008 and McAfee’s buy of Secure Computing during the same year.
In the Market Trends' paper, Contu contends the main reason for the fragmentation trend in enterprise security market share is; “established leaders are losing market share to smaller players, many of which were start-ups that developed new offerings to meet newly-introduced threats and vulnerabilities”.
Other small players “implemented a successful go-to-market strategy, built themselves a niche presence and gradually took market share away from incumbent vendors,” the report states.
He cites ArcSight, ESET and Kaspersky Lab as examples of the latter, describing them as “practical examples of start-ups that managed to gain a foothold and become significant competitors in the security market, and gain market share.” (ArcSight ended up being acquired by HP in 2010).
He concludes: “Security relies a great deal on innovation from start-up companies, which is particularly the case with a continuous influx of new vulnerabilities and threats.”
Indeed, he points out large vendors often don’t like to devote resources to researching and developing bleeding-edge products, preferring to keep an eye on start-ups that are doing this, and once the start-up achieves some success it is bought.
A desire by the top-five vendors, as well as other larger providers, to provide an integrated security offering to customers has also driven the acquisition spree, Contu notes.
“All the leading players have been acquiring specialist vendors in certain technology areas to add new capabilities, such as disk file encryption or data loss prevention, to their endpoint security platforms.”
Cloud computing has also played a part in security software acquisitions. Some larger vendors prefer to buy cloud security start-ups, rather than develop cloud security offerings internally.
“For established players to remain competitive, it has become critical to offer credible products delivered as a service.
“The email security and web security gateway areas offer a perfect example; in these markets, adoption of security-as-a-service-based products is expected to overtake the traditional appliance and software delivery methods.
“Gartner estimates about half these products will be consumed as a service by 2015. As a result, established market leaders have been snapping up many vendors specialising in this delivery method.
“The acquisition of MessageLabs, MX Logic, Finjan and ScanSafe by Symantec, McAfee, M86 Security and Cisco, respectively, are practical examples of this trend.”
Simple desire to boost market share by buying out a competitor, the desire to reach a different geographical market, and the attraction of a rival or smaller player’s channel distribution network are other factors that spur security software acquisitions, he says.
However, despite all the buyout activity the top-five vendors’ market share is decreasing, because “the market is continuously expanding, [with] new players always seeking to take advantage of new opportunities created by an ever-changing threat and vulnerability landscape.
“There is a never-ending need for new security tools and adjustments to the processes aimed at lowering risk.”
New IT technologies, such as cloud computing mentioned above, social networks, smartphones and tablets, and virtualisation, all require a re-think of security and will drive demand for new products, he says.
“While end-user organisations have shown an increasing preference to use a suite of products from fewer suppliers, the complexity of end-users’ product portfolios will not be solved in the short term. This is because new, standalone niche tools will continue to be purchased to solve new rising threats vulnerabilities that incumbent players have not been able to address.”
IDC has also been following the security software market, noting last month that the Asia-Pacific region (excluding Japan) spent US$1.438 billion on security software in 2010. Gartner cites a similar figure, US$1.5 billion.
IDC analyst Marco Lam says cloud-based security software, and security applications for virtualisation, as well as mobile security, will be the drivers of growth in the Asia-Pacific security software market.
"IDC expects companies to continue to leverage and integrate new security technologies to defend against intrusion and malware," Lam says in an IDC commentary.
"Consequently, CIOs will keep on evaluating and adopting the latest IT security solutions proactively.
"Thus, the overall security software market will continue to experience healthy growth," he says.