The security world is moving ever closer to a subscription-based model, according to the analyst outfit Canalys.
In a report, the analysts noted that although the vast majority of cybersecurity sales remain traditionally delivered, this is starting to change to something more subscription based and Canalys expects it to speed up over the next couple of years.
Cyber security spending topped $10 billion for the first time in the fourth quarter of last year. It thinks that by 2020 $42 billion will be spent annually worldwide on products and services.
The outlook also has a balance between traditional and emerging deployment models changing with it hitting 70/30 in the next two years. Last year the well-worn approaches to selling hardware and software accounted for 82 percent of the revenues with the remaining 18 percent including subscriptions to Security as a Service offering, virtual appliances and procurement through public cloud marketplaces.
Canalys principal analyst Matthew Ball said: “Over the next two years, the transition in cybersecurity deployment models will accelerate. Customers are changing their IT buying behaviour, with the adoption of public cloud, and flexible consumption and subscription services.
“Vendors will have to establish a diverse range of business models to support this transition, as different products suit different types of deployments. The key challenge to date for many has been making the new models more channel-centric and integrating them with existing partner programs, especially customer transactions via cloud marketplaces. This has recently been addressed by some cloud marketplaces, allowing partners to offer customised deals and pricing direct to customers while tracking deal registration and rebates.”
Vendors are already making changes with many making sure that they have solutions available in the primary cloud marketplaces and have programmes in place to support and attract more managed security service providers.
Cisco is still the market leader, followed by Palo Alto Networks, then Check Point, Fortinet, IBM and Symantec neck-and-neck.