Security technologies rise and fall in popularity, and Forrester Research in its TechRadar report puts its bets on five it thinks are in a growth mode and five it thinks are dying away.
The following are Forrester's picks for security technologies likely to grow in use:
1. Configuration auditing tools
According to Forrester, not much to see right now, but in three to five years they'll be in wider use because of the increasing number of data breaches and current regulatory environment and "have the potential to become ubiquitous in enterprise security organizations."
2. Malware analysis
Providing analysis used in incident response and vulnerability management, the "adoption of such tools is expected to rise" within the next three to five years in part because of "state-sponsored or advanced persistent threats" which require "more diligent inspection of network traffic."
3. Network encryption
Although network encryption exists in infrastructure devices such as routers and switches, demand for stand-alone appliances is just starting, Forrester says, due to many compliance requirements to encrypt and secure data. In one to three years this could reach the next phase, though without compliance pressures, this technology will be adopted by only the most stringent and largest of enterprises, according to Forrester.
4. Predictive threat modeling
This relatively new concept calls for analyzing how to properly protect important data by proactively modeling threats, says Forrester. In three to five years it could hit the next phase, although the "costs and complexity of current threat modeling tools work as a barrier to adoption of this new technology."
5. DDoS (distributed denial of service) mitigation controls
While there have been anti-DDoS products on the market for some time, Forrester points out, the market has until recently been very small. But due to the increase in hactivism, "the market for DDoS protection is poised for growth" within one to three years, Forrester predicts, especially as a service.
Forrester's says these security technologies may not survive the next few years.
1. Network access control
Forrester believes the market for stand-alone NAC offerings will likely be phased out over the next five to 10 years. (Though Forrester suggests there's a bit more hope for "packaging NAC" in security software suites or infrastructure security.) Why is it bad news for NAC? Forrester says only 10% of technology decision makers will implement it over the next 12 months because "solutions are complex to deploy, scale and manage." There are several NAC architectures, plus hardware and software approaches, and "all the approaches require integration with network infrastructure components." "NAC won't stop a malicious insider who wants to commit a security breach for financial or other reasons," Forrester says.
Sign up for CIO Asia eNewsletters.