According to analyst firm IDC, the expected growth of the specialised threat analysis market will mark a new era in the IT security sector.
IDC Security Products' program vice president Christian A. Christiansen recently introduced some highlights from the company's Specialized Threat Analysis and Protection Market (STAP) research, which quantified the opportunities for solutions countering APTs [advanced persistent threat] band targeted attacks.
"IDC believes the market will grow to more than US$3 billion by 2019, with a 5-year CAGR [compound annual growth rate] of 28 percent," said Christiansen.
"This high growth rate is driven by significant adoption of STAP [specialised threat analysis & protection] products to address the growing need for advanced threat detection," he said.
Christiansen was setting the context for the recent announcement in Kuala Lumpur of a new security intelligence as a technology and as a service.
He added that 2015 marked a turning point in the evolution of threats and their perception by business: companies were becoming more aware that defending the corporate network perimeter was no longer enough.
Detecting a live cyber attack
In addition to protecting the boundaries from generic attacks, businesses across all sectors needed the capacity to detect a live targeted or advanced cyberattack.
Businesses also spoke of the need to be able to predict potential targeted attacks, said Russian cyber security provider Kaspersky Lab's new South East Asia general manager Sylvia Ng (pic below).
These challenges, unlike more traditional cyber-attacks, cannot be addressed through a new technology or product, but demand a combination of technology and intelligence, Ng said.
"When businesses face an adversary with the skill, knowledge and determination to overcome the many existing security technologies, they need knowledge of possible attack vector details of the indicators of compromise, and the ability to distinguish normal operations from malicious activity," she said. "This is an immense undertaking which requires strong security expertise combined with technology that is capable of spotting a criminal act in the avalanche of daily activity in a large corporation."
Malaysia's immediate challenges
Speaking earlier to Computerworld Malaysia before the announcement of the company's two new enterprise security solutions - an anti-targeted attack platform and a security intelligence service, she said that companies needed more than endpoint protection in an increasingly complex cyber-threat landscape.
"[With this public announcement], we announce our entry into a new category of security products [and the enterprise market], one that we believe will define the future of the IT security industry," Ng added.
When asked for her take on Malaysia's immediate security challenges, she said: "Today, the cybersecurity of industrial systems and critical infrastructures is of vital importance. An increasing number of such systems are using devices and channels that interact with the outside world."
"Sometimes they use equipment that was never intended for external access, not to mention software that was created decades ago and has not been upgraded since," Ng said. "This is a very serious issue because not only is the continuity of the production process at stake; the environment and even human lives can be at risk."
"Though there are no major cases of cyber-attack on industrial systems and critical infrastructures yet in Malaysia, precautionary measures should be adopted now," she added.
Sign up for Computerworld eNewsletters.