Demand for Internet Security Suites is on the rise to cope up with the growing pressure to prevent blended, sophisticated and complex threats. This article looks at various aspects of the current and future internet security suites market in India.

Internet has become the mainstream application for almost all kind of activities, irrespective of geography and users. Internet carries its own advantages and disadvantages. The need of maintaining the confidentiality, integrity and availability on web is necessary because every individual is connected together with the help of Internet.

Addressing multi-level security challenges with help of single solution has always been on demand. It is convenient to have several features bundled together in one solution. Dealing with one vendor may be easier for upgrades and support. If parts of a suite have trouble getting along, the vendor may be more likely to fix the problem since it's harder to say that it's not their fault. On the other hand, it is also true that every solution does not carry all features which probably you would like to see. But more or less, today’s internet security suites carry most of the advanced features, one system need to prevent blended attacks.

Market

The demand and interest in Web security solutions is being fueled by corporate concerns about Internet threats that have become increasingly complex and sophisticated. India's IT security market, in the enterprise segment, is pegged at about USD 130 million, and research firm Frost and Sullivan estimates it to grow at a CAGR of 19.21 per cent over the next few years.

Growing internet infrastructure, burgeoning broadband population and rampant software piracy have made India a hub of malicious activities. In fact, according to Symantec’s Internet Security Threat Report XIV, India had the fifth highest number of broadband subscribers in the APJ region in 2008, and the third highest volume of malicious activities. This reflects the growing need for Internet security in India. According to industry sources, the overall security market grew by a healthy 39%, with the antivirus market, valued at Rs 272 crore, being the largest component in FY09.

The internet threat landscape today is murkier than ever before. In fact, Symantec created 1.6 million malicious code signatures in the first half of 2009, which is 60% of the signatures ever created by Symantec. These signatures helped Symantec block an average of more than 245 million attempted malicious code attacks across the globe each month during 2008. Furthermore, with significant financial transactions taking place and confidential data being shared over the internet, information security is an urgent concern today.

The majority of people that pay for security software now buy the full suite, complete protection solution instead of entry-level solutions. This trend continued through 2009, in spite of tougher economic times, expects it to be maintained in 2010. The Asia-Pacific IT security market is growing at an average of 26 percent, even as the worldwide market for anti-virus solutions at large is growing at 12 percent. The SOHO and the retail segment alone contribute to more than 200 crore market. Along with the enterprise segment the antivirus market is expected to grow around 1000 crore. India is a potential market for AV vendors.

Internet security suites now come standard with a bunch of small, non-AV utilities designed to secure confidential information and check the legitimacy of resources. You can call it a paradigm shift from traditional/reactive AV, to preventive and comprehensive information security. Few examples of the newer tools that safeguard information are: Parental controls, anti key-loggers, wifi-spot legitimacy checkers, online information vaults, mobile AV clients, and email encryption. In addition, few more examples of the more traditional tools are: Anti-spam toolbars, pop-up blockers, browser filters, and personal firewalls. According to industry experts, market for internet security suites is close to $35 million and is expected to grow at a 25% more in 2010 as the spending on the connectivity increases the need of security also increases.

Empowering Information Protection

While new threats are emerging every second, internet security solutions need to keep up with the increasing sophistication of cyber criminals. Hackers are using highly developed strategies and taking advantage of unpatched networks with zero-day exploit. At the same time external threats are increasing in sophistication, the “inside threat,” or the loss of business information through an internal leak, has reached an all time high. Whether malicious or accidental in nature, losing critical information such as customer data has become a boardroom-level problem. The old paradigm of simply protecting your network perimeter from external threats has been replaced by the need for a comprehensive solution that also safeguards against internal threats encompassing all channels of communication—Web, email, Instant Messaging and VoIP etc. Experts from Symantec believe that the industry has reached an inflection point where more new malicious programs are being created than good programs. At this point, given the sophistication of the threats, a new, hybrid approach to virus detection and protection is necessary.

Traditional blacklisting and whitelisting work well for prevalent malware and goodware, such as a malware file that is on thousands or millions of computers across the Internet. However, these techniques are much less effective at addressing the Internet’s “long tail”—the tens of millions of files that are each on just a few computers in the world. That’s why Symantec has developed a new file-based reputation system that leverages our huge opt-in user base—currently around 35 million users—to anonymously collect application usage data. The system uses this data to derive highly accurate application reputation ratings. All this happens behind the scenes; users are never prompted to submit information or provide input, and participation is voluntary, requiring an initial opt-in when the software is installed.

Cyber criminals continue to refine their attack methods, in an attempt to remain undetected and to create a bigger network to support the expansion of criminal activity. Organizations now face a landscape that involves crafty, targeted, and financially motivated attacks. Higher awareness needs to be built in among the probable cyber victims for them to be prepared and armed with strong security solutions. For example, VeriSign’s SSL, authentication, identity protection, and registry services allow companies and consumers all over the world to engage in trusted communications and commerce. Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network. This network captures worldwide security intelligence data that gives Symantec analysts unparalleled sources of data to identify, analyze, deliver protection and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam. More than 240,000 sensors in 200+ countries monitor attack activity through a combination of Symantec products and services as well as additional third-party data sources.

According to Unistal, internet security suites are able to bring a major change in consumers’ information protection environment by the growth of managed security services and with conformity initiatives leading to the identification and access management as the prime criteria to secure consumers information. Apart from Firewall Internet security suites also provide the option of data encryption, IM conversations encryption, Parental Control and a file vault to secure your sensitive files.

Are These Capable Enough?

Cyber criminals today no longer operate for fame, but for financial gain. There is a highly organized cyber mafia at work, creating new pieces of malicious code every second and conducting highly targeted attacks on internet users. In fact, according to Symantec’s Underground Economy report, the total value of goods and services advertised on underground economy services was over $276 million.

In such a scenario, users should defend themselves with a good, up-to-date security suite from a reputable vendor who can protect not only against known threats, but also never-seen-before attacks. Symantec’s Security Response Labs, part of the Global Intelligence Network, address urgent security concerns by delivering early warning solutions that provide a thorough analysis of Internet security threats, evaluating how threats work together and then offering recommendations on protection. Symantec researchers analyze how multiple threats work together, how this could impact a customer, and how to protect against these threats.

According to Websense, the internet is very dynamic in nature and so is the security threat landscape. Hackers are using every possible techniques and technologies to breach the security measures taken by enterprises. In order to minimize the incidence of hacking it is imperative for enterprises to have an integrated approach in Web, data and email security. The ThreatSeeker Network from Websense provides the intelligence that underlies Essential Information Protection by delivering real-time reputation analysis, expanded behavioral analysis and actual data identification. Trend Micro believes that internet security suites today are more capable than ever but it is still not enough. Relying on pattern files are reputation DBs, no matter how good they are, will always be a reactive, catch-up game. User education and the use of preventive information theft methods/tools like the ones mentioned above will help.

Quick Heal feels that security from hackers is a function of the Firewall, and level of protection essentially depends on the capability of the Firewall. A major issue here is that Firewalls need higher level of user intervention which at times reduce their effectiveness. Desktop firewall architecture has definitely evolved and a smart user can definitely be confident of getting much higher level of protection with a good desktop Firewall. Unistal also says that hackers use phishing scams, spam email or instant messages and bogus Websites to deliver dangerous malware onto computer and compromise computer security. They can also try to access your computer and private information directly if you are not protected with a firewall or monitor your chat room conversations. The above issues can be easily overcome by using an Internet security suite which has solution for all the above threatsand much more. The comprehensive options to analyze and filter network and internet traffic prevents hackers to access the information in user’s computer.

Manish Bansal, Regional Manager, Websense India

ESET points out that advanced version of Internet security suites like ESET Smart Security, which has Host based Intrusion prevention system where all Unauthorized attempts to modify your OS or applications are actively blocked through a combination of advanced behavioural analysis and network filtering that monitor your system processes, files, and registry keys. Advance Anti Root kit protection and protection against phishing attacks (10% of phishing around the globe are specifically targeted towards India) are offered in basic AV solutions. Anyway Antivirus products along with the firewall have been and are the most simple and effective way to protect your system from Online threats. Internet Security suites offers all necessary features to combat hacking attacks with low system footprint.

Changing the Game?

The Internet is exploding with Web 2.0 applications and its full impact on enterprise security is still not well understood. IT professionals struggle to adopt reasonable policy controls to keep their networks safe from external threats. Manish Bansal, Regional Manager, Websense India, said, “as new forms of dynamic content such as iGoogle, video sharing sites, blogs, social networking sites etc. stream into enterprise networks, administrators are looking for solutions to block dangerous or inappropriate content, yet allow employees reasonable and necessary Web 2.0 access to get their jobs done.”

Vishal Dhupar, Managing Director, Symantec India

The explosion of malware variants and the increasing sophistication of cyber criminals have rendered traditional security solutions obsolete. Advanced and innovative technology like reputation-based technology leverages millions of users who choose to anonymously contribute data about the applications running on their systems. This data is fed into a reputation engine where dozens of attributes for each file, such as age, download source, digital signature, and prevalence are combined to determine its reputation. Without ever having to ask the user, Symantec can infer with an extremely high degree of accuracy the likelihood of an unknown application being good or bad.

Vishal Dhupar, Managing Director, Symantec India, said, “Since the traditional blacklisting and whitelisting approaches no longer work against the ever-evolving cyber criminal, this reputation-based technology will provide users with more protection and more confidence that their online interactions are secure.”

Abhinav Karnwal, Product Marketing Manager, APEC,Trend Micro

According to Abhinav Karnwal, Product Marketing Manager, APEC,Trend Micro, there are two aspects to this. First the shift in “Endpoint” from desktop to laptop to mobile devices! This change will certainly necessitate suites for mobile devices and their corresponding platforms. The second aspect is the shift of processing from the endpoint to hosted services, which will necessitate more encryption solutions.
With the Global Digital economy on rise, “consumers are moving on-line” and “fraud is following the same path”. With the advantages that the companies can gain with an online presence, they must start turning “security” into revenue by leveraging trust / security in their brand(s). From a technology perspective they must adopt a smarter approach based on Risk, Cost and User Interaction. IT departments must enable a “layered” security approach in organizations.

Rajiv Chadha, Vice President, VeriSign India

Every day, identity thieves are getting smarter at tricking people into revealing their account numbers, passwords, Social Security Numbers and financial information. Last year, they racked up 9.9 million fraud victims who lost an average of $4,849 in each incident.

Commenting on the game changing factors, Rajiv Chadha, Vice President, VeriSign India, said, “The good news is the market is witnessing a shift in security adoption; from security solutions adopted in response to a security breach, to a more proactive adoption to counter the possibility of a security breach. Security must be seen to enhance – not inhibit – the online customer experience. While “Passive” security has played an important role in the past, it is “Active” security technological developments which will gain a lot of momentum which will help building confidence and protecting the consumers.”

Venu Palakirti, Regional Director, India & SAARC Region, F-Secure

Venu Palakirti, Regional Director, India & SAARC Region, F-Secure, “the market is driven by consumers and SMBs and it is very clear that the Internet players who were sometime back offering only access are now in the game of offering Security suites to the consumers with their connectivity which is a clear game change from the traditional Channel partner dominated one.”

Battle for Survival

The constantly evolving internet threat landscape creates constant challenges for security vendors. Experts believe that there would be very few vendors in the Internet security space in the coming days.

Amit Misra, Country Head, ESS Software Distribution & Consulting (P) Ltd

ustomer have became very cautious as they don’t select the antivirus solution on way they are marketed but they often select on the basis of their technical feature and capabilities. Even malware have become far more complex and varied. India remains a hub for the malicious activities where you at least have more than 20,000 malwares in a single day approximately 10% increase as compared to 2008! India is among the top five countries having the highest number of broadband users. Viewing the future tough challenges, Amit Misra, Country Head, ESS Software Distribution & Consulting (P) Ltd, said, “Ultimately AV companies that cannot keep up with the very latest technological developments to combat such threats with their AV solutions will not be able cope up with the demand of the customer for technologically advanced AV solution. Moreover with growing competition, new players will take opportunity of current market situations in India to explore the market.”

Symantec believes that they have the advantage of their Global Intelligence Network which, as discussed earlier, captures worldwide security intelligence data that gives Symantec analysts unparalleled sources of data to identify, analyze, deliver protection and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam. The Global Intelligence Network enables Symantec to detect and remediate threats in real time, allowing us to protect customer information as well as interactions over the internet. In the context of the malware explosion that the world is witnessing, Symantec believes vendors who can provide complete protection against new, never-seen-before threats, will be the preferred choice of customers.

Abhijit Jorvekar, Country Head, India, Quick Heal Technologies Pvt. Ltd.

Websense believe that only those vendors who are able to provide comprehensive and integrated security with real time analysis of content will be able to gain market share. Commenting on the survival issue, Abhijit Jorvekar, Country Head, India, Quick Heal Technologies Pvt. Ltd., said, “Presence of large no of vendors has definitely lead to severe competition, and there will definitely be consolidation in the future. So, it is quite obvious that very few organizations will be able to survive. Looking at the rate at which the malware threats are growing, some of the vendors might also go bust due to inability to cope up with technology demands. But this may not happen in near future, as security market continues to grow at healthy double digit growth rates.”

In brief, experts believe that consolidation will happen as the spending on the R&D to keep up the pace of the new threats which are coming rapidly in the Internet space and not many small companies can invest in this area so that they can give optimum support to the users out there.

Future

With growing broadband adoption, India is becoming a hub and a target for malicious activity. However, awareness and adoption of security solutions is rather low. In fact, according to a Symantec report, adults in India rank the highest when it comes to not having the basic security measures. 33 percent of adults in India do not have security software.

This is despite the fact that India had the third highest volume of malicious activity in APJ, according to Symantec’s Internet Security Threat Report XIV. Furthermore, in the APJ region, India ranked first on worms and viruses attacks prevalence chart. 9 of the top 10 malcodes found in India consisted of worms (55 percent) and viruses (15 percent) that disabled security related processes, downloaded additional threats and stole confidential information.

According to Alok Gupta, MD, Unistal Systems Pvt Ltd

The report also revealed that India had an average of 836 bots per day during 2008 and there were 103,812 distinct bot-infected computers observed in the country during the period. This was a staggering increase of nearly 250 percent from the previous Internet Security Threat Report.
Furthermore, twelve percent of spam detected in APJ in 2008 originated in India, making it the third-ranked country for this category.

According to a report by IDC India, the key trends in the Indian e-Security market are a convergence of network and desktop security coming closer, different unified threat management appliances, policy-based administration and single sign on coming into usage. Also of significance is the emergence of solutions approach or the service element becoming important, thus giving rise to security consulting and the rise of end-to-end security services and managed security services. The study shows that the Indian market for security products and solutions will grow to around $1bn by 2012.

Pratapaditya Mondal, Satcom Infotech

According to Alok Gupta, MD, Unistal Systems Pvt Ltd, The internet security suites market growth would see an upward trend. The usage of internet would be growth factor for this as it would become mandatory for users to secure their sensitive information and also more and more corporates would be driven towards a security policy to be adopted and implemented. On the other hand, Pratapaditya Mondal, Satcom Infotech, says that globally there has been huge growth in the security industry which is attributed to a higher demand for strong security solutions in market verticals such as government installations, financial services, and healthcare. The demand for Internet Security Suite will continue to grow. ESET believes that the most important thing is that demand for quality will increase: detection rates, frequency of updates, proactive technologies, etc. Indian Antivirus market is growing at a good pace as compared to the worldwide AV market. Growing competition will have positive impact and will raise the quality of security solutions offered to the end users. India being a price sensitive market with the lowest antivirus price, when compared with global markets, demand for ONE BOX Internet security solutions will continuously grow.

—By: 'InfoSecurity' Bureau.