While HP has caused a furor with the uncertain future of its PC business--something pundits are calling part of its "IBM-ification" strategy--what is clear is the company's desire to be a player in the enterprise security market. The world's largest IT vendor is making a number of announcements around its Enterprise Security Solutions portfolio that will provide the required protection combined with access to the right assets without compromising risk.
Gartner reports security software revenue totaled $16.5 billion in 2010, a 12% increase from 2009 revenue, with Symantec and McAfee in the top spots with 30% combined market share. The next three largest vendors--Trend Micro, IBM and CA--accounted for another 14%, leaving HP with every other vendor competing for the remaining 56%.
IDC forecasts the worldwide security services market compound annual growth rate at 15% over the 2010 to 2015 forecast period with revenues exceeding $39.5 billion in 2011 and growing to almost $63 billion by 2015, says Chris Liebert, senior analyst, security services, IDC. She adds that HP is making a strategic bet based on the movement of the enterprise market to outsourced business services.
"This shift can be attributed to enterprise mandates in a few key areas: reducing infrastructure and network overhead, reducing capex and opex, and outsourcing manual processes like network security, storage and business applications for better efficiency and employee productivity. Key to this shift in enterprise outsourcing is security, as security is a market driver and pushes other sales now, not the other way around, and may be a bright spot in [HP] CEO [Leo] Apotheker's software strategy."
HP reports more than half of senior business and technology executives believe that security breaches within their organizations have increased during the last year, with nearly a third saying they experienced a security breach by unauthorized internal access and 20% reporting an external breach. The company also released its semi-annual HP Digital Vaccine Labs' (DVLabs) Cyber Security Risks Report, which found that the number of web application attacks in just the first half of 2011 has already surpassed the total number of attacks tracked in 2009 and is also 65% higher than the total attacks measured in 2010.
A new study, Norton Cybercrime Report 2011, puts the cost of cybercrime at $114 billion annually. Throw in time lost as a result of these experiences, and the total cost is $388 billion, the report says.
According to HP's Second Annual Cost of Cyber Crime Study, conducted by the Ponemon Institute and released last month, the median annualized cost of cybercrime incurred by a benchmark sample of organizations was $5.9 million per year, with a range of $1.5 million to $36.5 million each year per organization, an increase of 56% from the inaugural study published in July 2010. During a four-week period, the organizations surveyed experienced 72 successful attacks per week, an increase of nearly 45% from last year. More than 90% of all cybercrime costs were caused by malicious code, denial of service, stolen devices and Web-based attacks.