SIM Market to Continue Growth, Forrester Says

The market for security information management tools is expected to keep growing and to see faster adoption by SMBs.

Analysts at Forrester Research predict that the market for security information management tools will continue to grow, with demand reaching $1.18 billion by 2011.

In a new report, Forrester wrote that the SIM market is currently growing at a rate of 50 percent, and will see faster adoption by SMBs (small to midsize businesses) during the next couple of years as SIM tools become easier to use and less expensive. SIM customers with fewer than 1,000 employees currently make up less than 1 percent of the market, but will account for 30 percent by 2011, the report stated.

The report also noted that the growing sophistication of threats facing enterprises means customers are interested in tools that can streamline the process of gathering, analyzing and reporting log vulnerability and configuration data.


Click here to read about a SIM offering from Symantec.

"Nobodys doing everything wonderfully just yet," analyst Paul Stamp, one of the authors of the report, said of SIM vendors. "[Customers] find the promise of an all-seeing expert system that correlates seemingly unrelated events to detect subtle threats as a little unattainable right now. On the other hand, if theyre looking to identify pretty specific issues and streamline their remediation, then SIM tools are a big help."

However, Stamp added that vendors still need to strike a balance, as many customers are only looking to fill a specific need, such as responding to auditor demands and streamlining basic security operations processes.

"A large enterprise isnt going to settle for mediocre functionality or less scalability because of a broad feature set—they want a vendor that knows what it does and does it well," he said. "An SME [small to midsize enterprise], though, will probably not want all the whistles and bells, but only have the budget for one product to meet all its SIM requirements."

The report projects that the market will reach commoditization by 2009-2010. "Customers will continue to steer towards large vendors from which they will be able to buy infrastructure management and security tools," the report said. "However, there will be enough differentiation in the market to command good margins through 2010, when deal sizes will shrink as the space becomes a wider part of IT and business application management."

Stamp said he expects some of the smaller players in the space to get swallowed up by the bigger ones in the years to come as well.

"Theres no way everyone in the market right now can survive as they are," Stamp said. "Some of the next-gen products aimed at the SME will be the ripest for picking as that market takes off. SMEs arent necessarily looking for the systems management behemoth solutions though, so expect the larger security guys who have a big footprint in the SME to be the first in line."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.