Advanced Threats to Drive Growth in Defense Analysis Market: IDC

Organizations are realizing that they need improved protection against targeted attacks that use malware to steal financial information.

To defend against specialized threats such as financial and intellectual property theft through malware, a new segment of products has emerged that leverage a variety of technologies above and beyond signature-based defenses, which research firm IDC has dubbed Specialized Threat Analysis and Protection (STAP).

The worldwide market for STAP solutions is forecast to have a compound annual growth rate (CAGR) of 42.2 percent from 2012 through 2017 with revenues reaching $1.17 billion in 2017, according to IDC's study "Worldwide Specialized Threat Analysis and Protection 2013-2017 Forecast and 2012 Vendor Shares," which examines the STAP market and provides a market size for 2011, vendor shares for 2012 and a forecast for 2013–2017. The market also includes products that allow for the reverse engineering and forensic analysis of discovered malware.

Since the malware used in these types of advanced attacks is simply a tool for the collection and exfiltration of data, sophisticated hackers are using different pieces of code for each phase of the offensive, making the detection of advanced attacks much more difficult.

"Organizations have quickly begun to realize that they need improved protection against targeted attacks," John Grady, research manager with IDC's Security Products group, said in a statement. "IDC has seen these solutions become a strategic necessity for many organizations, especially in the financial services and government sectors, with budget being quickly allocated to prioritize deployment."

The STAP competitive security products, which use a predominantly signature-less technology like sandboxing, emulation, big data analytics and containerization to detect malicious activity, can be based at the network level, on the endpoint or both, and scan both inbound and outbound traffic for anomalies including botnet and command and control traffic.

Many STAP solutions today are deployed in a layered fashion, such as endpoint and network-based solutions, suggesting that not all vendors in this market compete against one another. The report noted that in many cases, there remains a gap between detection and remediation, although vendors are moving quickly to address this.

The report projected that ultimately many STAP functions would be incorporated into traditional security products, although IDC researchers said they believe this would occur toward the end of the forecast period. For the short term, products in the STAP market remain incredibly varied, though they all tackle the same fundamental issue of bringing visibility and protection against threats that legacy security products are unable to address.

Businesses are beginning to rank cyber-security risks as greater than natural disasters and other major business risks, and while only 31 percent of companies are insured against data breaches, a growing number of companies are exploring policies, according to the findings of a survey conducted earlier this month by Experian Data Breach Resolution and the Ponemon Institute.

The study found that the likelihood of a company considering a policy increases after it experiences an incident. Just under a third (31 percent) of companies reported current cyber-insurance coverage, and survey results suggested growth on the horizon, with 39 percent of respondents saying their organization plans to purchase a policy.