Recently, using BT Trax and IT Priorities data, we explored several technology areas-servers, software, and security-looking mostly at what types of projects are currently underway and the relationship between real projects and news interest. Since the year is rapidly coming to a close, we decided to turn our attention to what kinds of initiatives are being planned for 2005.
For our first analysis, we turned to our data on information and network security-just what types of security projects are planned for the next 12 months? Among all plans for IT in the coming year, security ranks #4 out of 9 technology categories that we track (each month we survey IT executives and managers in mid- to large-sized organizations about their current and future IT projects and plans). And unlike current security projects, of which nearly 50% are virus defense-related, IT decision-makers are making more plans for security management solutions in 2005 than any other category of security technology.
So which vendors will IT decision-makers consider for their security solutions in 2005? Since we don't have specific information on the vendors under consideration at this time (stay tuned, though, we just started collecting these data in our IT Priorities study and will soon be able to report on these preferences), we deferred to the most recent IDC data on the security market.
Drawing on the IDC perspective, the four main segments of the security market include:
- Identity and access management: consisting of two major sub-segments
- Authentication hardware
- Authentication, authorization and administration
- Secure content management: comprised of
- Antivirus solutions
- Web filtering technologies
- Messaging security solutions
- Vulnerability assessment and management software
- Assessment products
- VA management products
- Threat management: emerging as one segment consisting of
- Firewall, VPN, and threat management appliances
- Firewall and VPN software
With this definition in hand, we turned our energy to assessing exactly how the security vendors stack up in terms of market share. In all, we looked at about two dozen vendors and tallied all the 2003 revenue reported by IDC (in a couple of cases we had to rely on 2002 data) for the segments that the vendors participate in, since not all are players in all four segments.
Here is a snapshot of how the key vendors stack up and the segments they play in (we only list the companies that had at least $100 million in security revenue). In this analysis, the security market represents around $9 billion in revenues, and Symantec is the clear leader with nearly 14% of the revenues from three of the technology segments. And although CA covers all four segments, the company ranks only 4th in revenues.
Knowing which vendors capture most of the business in the four key technology segments, we began to wonder if market ranking related at all to the level of news mindshare the companies capture on CNET's enterprise IT sites. It seems plausible that larger security companies would have more mindshare than smaller companies, as IT professionals check out the latest news about well-known vendors. But do they?
After analyzing the BT Trax data for those security vendors with at least $100 million in revenue, we found that market share often equates well with news mindshare-nearly 60% of the vendors' market share and mindshare are within one position of each other. A second group has a bit larger gap, with market share and mindshare separated by four positions. But check out the gap between Microsoft and Sophos, both tied for 13th place in market share, but holding the #1 and #3 positions in CNET security news mindshare, respectively. And VeriSign is 11th in revenue and 5th in news mindshare.
Why are these three particularly different? Digging into the backstory a bit, it looks like Microsoft, Sophos and VeriSign have unique roles in the security news space. Microsoft dominates the news because Windows is leading computing platform throughout the world and 2004 has been an especially active year with regard to news about Windows product flaws and vulnerabilities-making Microsoft #1 in security news. Sophos frequently issues alerts about new viruses and worms, which in 2004 included such pernicious pests as MyDoom and secret Trojan horses. And VeriSign is not only in the news because it's a security vendor but also because it is the keeper of DNS for the .com and .net domains. These factors all contributed to these vendors having news mindshare out of proportion to their security market share.
Understanding that market share and mindshare don’t consistently track, we are nevertheless anxious to see the new data we're collecting on the vendors, IT managers are short-listing for their 2005 plans. We expect the data will provide new insights into how market position factors into the actual decision-making process. We know from other research that we've done that vendors are most often chosen as a provider because of an existing relationship or because of reputation, which suggests that the bigger the player the greater likelihood they are already the vendor of choice. We'll revisit some of these market musings in November, once we have the new IT Priorities vendor data collected and analyzed. Stay tuned.
