Four security pros name top trends in the cyber space
From MDR to vendors battling it out to AI, here are some trends to keep an eye out for in cybersecurity
What do four IT channel security experts think the growth driving trends in cybersecurity are?
According to the pros, the technologies and solutions that are growing "incredibly fast", "exploding", and seeing a "huge uptake" are MDR, identity security, cloud security, and, you guessed it, generative AI
Another market shaking pattern that has been dominating CRN's headlines this year is the consolidation game vendors are playing.
HPE has bought Juniper Networks for a whopping $14bn, Palo Alto Networks is buying IBM's QRadar assets for $500m, and Cisco has snapped up Splunk for $28bn.
Though Guy Golan, CEO of MSSP Performanta, believes one vendor in particular is at the centre of all these acquisitions.
"Vendors are battling each other. Especially the ones that used to be tier 1 vendors and used to lead the way in previous years.
"They are battling with the existence of Microsoft because it is eating their lunch, whether they like it or not," he tells CRN.
Golan states the domination of Microsoft means other vendors need to either innovate or consolidate.
"For example, the IBM and Palo Alto deal, and Cisco and Splunk, these are retaliations to Microsoft as opposed to a genuine vision.
"They realised Microsoft jumped from a tier 4 security provider to tier 1 and dropped everybody to tier 2 or 3.
"If you don't have Microsoft today then what are you doing?
"The vendors that used to be tier 1, like McAfee, CyberArk and Check Point, need to realise they are not there anymore and figure out how to reinvent themselves.
"They can try to acquire other companies, either sell themselves to larger companies, or start providing services."
Services are the biggest disruption to the market right now, according to Golan, as vendors previously considered this to be the job of channel partners.
"CrowdStrike provides services, SentinelOne provides services, CyberArk provides services.
"Everyone is adding a services element, which means they are now starting to realise that if they don't provide services, then the connection between them and the client is quite far.
"They have a distributor in the middle, then a partner, whether it be an MSP or reseller. They want to get closer to the client to retain them and sway them from making decisions that will negatively affect revenue."
M&A to impact medium and large MSPs
Golan says MSPs who deal with small clients, up to 100 users, will feel no impact of the consolidation happening at the top level.
It will however affect MSPs with 500 users and above.
"So the larger MSPs are the ones that now need to consider what's impacting them. Do they go with Microsoft or not?
"They also have to consider their models because most MSPs sell licences. And with Microsoft, if you sell licences you don't make enough money. So where's the motivation in doing that?
"That in my view is the dilemma that is now happening in the small/mid tier market in the UK."
Cybersecurity's fastest-developing market
Mordor Intelligence figures suggest the UK cybersecurity market is set to reach revenues of $15.7bn in 2024, growing at a compound annual growth rate (CAGR) of 10.4 per cent to $25.8bn by 2029.
Meanwhile Statista predicts UK cybersecurity market revenues will increase by $5.8bn between 2024 and 2029, reaching $16.8bn by 2029.
The data intelligence platform highlighted cloud security as the fastest-developing market, projecting it to earn $122.7m this year.
With those numbers it's safe to say the cloud market is set to reach heights even greater than the white fluffy shapes in the sky, and the recent failed acquisition between Google and Wiz makes this case even stronger.
"The valuation Google put on Wiz is evidence that it's an incredibly fast growing area of technology," says Rob Pooley, co-founder and solutions director at IT security services provider Saepio.
"We absolutely see that. Different architecture and different risks arise when you're building out your platform applications, instead of cloud. So platforms like Wiz are incredibly fast-growing in terms of being adopted and managing risks.
"Four years ago cloud security barely existed and it's growing incredibly fast."
Pooley adds that another trend bubbling under the surface is outsourced security operations centres (SOCs).
"That's what we call managed detection response (MDR)."
MDR is another branch of cybersecurity experiencing a boom, owing to increased and evolving cyber threats, and the global shift towards remote work and digital transformation.
"There's been an absolute explosion in MDR," says Lance Williams, CTO at Distology, referring to the specialisation as "MD Ugh."
"You can't separate the wood from the trees, and everybody seems to do the same thing. It's gotten to the very boring level at a marketing point where people are trying to split hairs about how quickly they can detect things and how many feeds they've got, which obviously is utterly pointless."
He urges MDR providers to focus on the most important letter, the ‘R'.
"What you want is a focus on response.
"I picked up on this at RSA, and it continued throughout InfoSec. There is a mini wave of focus on response.
"The big players who call themselves MDR or TDR aren't very much on the ‘R'.
"I've seen a real trend in up and coming MSPs and vendors who provide a service-based threat detection response platform on the response.
"So much so that some of them are saying they will provide x number of hours per month for forensic analysis, but that's marketing speech.
"What they're really saying is they'll spend up to x number of hours per month showing you that they're actually doing something around responding to the threats your organisation's facing, rather than just saying ‘here's some alerts', because that information is useless to CISOs."
Cybersecurity under the spotlight
With a raft of legislation and regulation such as NIS2 and the Digital Operational Resilience Act (DORA) coming down the line in both the UK and EU, more security providers are racing to improve the cyber defence posture of organisations through solutions like identity security.
The number and nature of digital identities is changing, posing a direct risk to security.
While end users may continue to grumble over having to prove our identity when we login everyday, it turns out there's a very good reason why.
According to the Identity Defined Security Alliance's 2024 Trends in Securing Digital Identities report, 90 per cent of organisations experienced at least one identity-related incident in the past year.
Moreover, 84 per cent of identity stakeholders that sustained an identity-based breach over the past year said they suffered a direct business impact as a result, up from 68 per cent who said this in 2023.
Given its rising importance, Sean Remnant, chief strategy officer at Ignition Technology believes "every partner" needs to be involved in the identity space.
"We still see huge uptake in the identity space. So privileged access, identity governance and identity security," he says.
"That was a compliance governance conversation. It still is, but it's now more of an identity security story.
"There definitely seem to be more governance and compliance pressures. If you look at the NIS2 and DORA frameworks that are coming down the line, a lot of that boils down to identity.
"Making sure the person behind the laptop is who they say they are, that they can only access the data they need for their job, they can only see the applications they need."
And there are numbers to show it, with identity security vendors like BeyondTrust ($400m ARR), SailPoint ($600m ARR) and Okta ($617m revenue) all posting year-on-year bumps in their latest financial results.
Asking AI to prom
AI, more specifically generative AI, is like the popular new student at school.
Everyone wants to strike up a conversation with the mysterious new classmate. But is left twiddling their thumbs and grasping at straws for anything meaningful to say.
"We now have AI security. Every partner and customer wants to have a conversation about that," says Remnant.
"There will be this hype cycle. But I think we're already two thirds of the way up. I think the channel's a little bit late, not in terms of not being able to not help the customer, but late in terms of the tech.
"For once, the technology has probably exceeded the pace of the channel's expertise."
A similar situation has played out in the channel. Organisations are flirting with the idea of monetising genAI, but have so far struck out.
"People are having difficulties in finding a use case for it," says Golan.
"AI is a great example of, if you use the use cases properly and integrate them in a smart way you can get a massive gain."
Analyst firms believe there will be big customer appetite for AI products next year, that's when the opportunities will kick in.
"I think the market is ready for it, but I just think they don't understand the pricing behind it.
"The commercial element is more about the hindrance at the moment rather than the usability of AI," Golan adds.
Gartner distinguished VP analyst John-David Lovelock told CRN that while it "doesn't get more hyped than AI", genAI hasn't had the chance to get off the ground yet.
He added that 2023 was the year of "the story", while 2024 is about "the plan" and next year, we will finally start using generative AI.
Much like if the plucky young teenager bided their time and got to know the new kid first, then they might see success.
And so the channel must wait to see if this coming-of-age story about genAI will play out in 2025.