Gartner to Outline Security Trends in Upcoming Information Security Summit

The upcoming Gartner Information Security Summit will put the focus on trends in the security market today.

When it comes to information security, should companies be buying best-of-breed products from a number of vendors or stick with a single vendor for cost or other reasons? And what are the latest trends gaining momentum today in IT security?

Can You Cut Information Security in Hard Times and Survive

The Future of Information Security: 2008 and Beyond

Those questions and many more will be in the spotlight at the upcoming Information Security Summit in Washington, D.C. later this month where Gartner analysts share their views on what enterprises want and vendors can deliver in a world fraught with hackers on one side and regulatory pressures on the other.

Plain and simple, "what's driving customers is data security, in terms of infrastructure protection and compliance," says Adam Hils, the research analyst who will present Gartner's security-market forecast at the conference.

Some Gartner research shows IT security customers are torn by whether to stick with one vendor or go with standalone/best of breed products when it comes to basic buying strategies. Gartner advocates "best of breed — as long as it works with what you have," Hils says.

IT security customers are inclined as never before to a one-vendor strategy — it may be because of budget pressures since there's the perception that this may be cost-savings — but Gartner's advice is to keep the focus on best-of-breed, particularly when a major upgrade is envisioned and new technologies are on the horizon.

A good example is "the next-generation firewall, which combines the network firewall and intrusion-prevention system," Hils says. Vendors in this arena vary widely in terms of their equipment, although most of them aren't yet doing it all that well — though Hils said Juniper seems to be in the forefront for now.

According to Gartner, some of the most exciting areas today are managed services, or security as a service, where customers expect vendors to undertake full-time management responsibilities, either through support of dedicated customer equipment or by delivering cloud-based services.

While e-mail antispam and security filtering is becoming widely adopted, another area, security information and event management (SIEM), which involves complex aggregation and analysis of log data from many data sources, is also gaining uptake from customers, Hils says.

Large firms, including IBM and Symantec, offer managed SIEM services, but several smaller security firms, including SecureWorks, are providers, too. LogLogic is also one whose technology is often used by other providers.

While advanced SIEM equipment is still seen as a big-ticket item afforded mainly by large enterprises, increasingly there are options, like TriGeo, aimed at the small-to-midsized business market, Hils says. The wider SIEM adoption is being driven by compliance pressures, such as the Payment Card Industry (PCI) data-security standards, for log management, he notes.

Chris Whitener, HP's security strategist who plans to attend the Gartner event, agrees regulatory concerns pay a big role in driving SIEM adoption. He said HP has a close partnership with SIEM vendor SenSage, offering its technology in a hardware appliance because regulations governing the financial and oil industries ask for a separate logging system. "A lot of the regulation asks for the SIEM to be separate, not with the rest of the data warehouse," Whitener says.

HP both makes security products of its own, including encryption tools, and also re-sells third-partner security products or adds them as blades (McAfee security being one) for its ProCurve switches. So HP is somewhat philosophical about the best-of-breed vs. single security vendor argument.

"Look, I recently visited a bank that had 200 security vendors and they were going nuts," says Whitener, adding HP's approach as a systems integrator is to offer a "security blueprint" backed by its own evaluations of third-party security products.

Not surprisingly, enterprise customers do keep score on what security vendor has won their business.

When Gartner asked 468 IT professionals to name their "primary provider" of security software and appliances, the main picks were Symantec, Microsoft, McAfee, Cisco, Trend Micro and IBM, each with 5% or more of responses, though more than a dozen other vendors were cited as well.

The most mentioned for managed security service providers in that survey were Symantec, IBM ISS, VeriSign and AT&T by 9% each or more, though 20 others were also named, including Verizon Business, T-Systems and Unisys.

This story, "Gartner to Outline Security Trends in Upcoming Information Security Summit" was originally published by Network World.

Copyright © 2009 IDG Communications, Inc.

7 secrets of successful remote IT teams