Malaysian Organizations Need to Invest in Sophisticated Security Solutions, Says

IDC
08 Aug 2014

KUALA LUMPUR, August 8, 2014 International Data Corporation (IDC), a leading ICT
market research and advisory firm today revealed findings from a recent survey of
Malaysian IT security that highlights healthy spend in network security, endpoint security
and other basic security solutions, but very limited spend in more sophisticated solutions
that represent critical gaps in the defense against today's increasingly sophisticated
threats.
About 45% of the organizations across industries in Malaysia have very high concern on
the increasing sophistication of security attacks. Some organizations from financial
industry may have invested in advanced security solutions that are able to analyze, detect,
and response in near real-time to sophisticated threats or any security incidents. Majority
of the organizations in other industries are investing more in fundamental security such as
network security and endpoint security.
Although Malaysian organizations recognize the threats are getting more sophisticated,
the IT spending is still prioritized on the fundamental security products that are insufficient
to address the sophisticated threats. The fundamental security has to integrate with
advanced security technologies in order to tackle the increasing threats issues," says Liew
Siew Choon, Senior Market Analyst, Software Research, IDC Malaysia.
The survey results from IDCs Continuum Study 2014 showed the top three security issues
Malaysian organizations most likely to address in the next twelve months:

23% on data loss prevention a combination of network, endpoint, messaging,

web, and storage security that provides protection on data in motion, in use, and at rest.
20.3% on network security includes enterprise firewall software, network

access control, virtual private network (VPN), and network intrusion detection and
prevention software.
15% on endpoint security includes antivirus/ antimalware, personal firewall
software, and file/ disk encryption.

Figure 1
Only 9.3% of the organizations are concerned on security and vulnerability management
that includes security policy management, risk assessment and vulnerability scanning as
well as advanced security technologies such as security analytics, threat intelligence, and
forensics.
"The security model within the organization has to be aligned with the changing business
environment. Organizations will have to face with more security challenges during the
transition to 3rd Platform the next-generation compute platform characterized by mobile,
cloud, big data, and social if IT spending is still focused on fundamental security
products, adds Liew.
Liew recommends that organizations have to understand their risk profile through
continuous risk assessment and to adopt advanced security solutions to improve the risk
posture. The spending on both fundamental and advanced security has to be balanced to
mitigate the risk from changing threats.
"Investment in advanced security is important on the journey to the 3 rd Platform, where
organizations will need to utilize more layers of security, as well as leverage new
approaches and solutions born in the 3rd Platform, not forgetting to integrate them back
into the existing security infrastructure, says Chuang Shyne-Song, Program Director,
Cross-Pillar, Security and Technology Advisory Service Research Group, IDC Asia/Pacific.
With the 3rd Platform driving the security needs, IDC forecasts the overall security market
in Malaysia to grow at 5-year compound annual growth rate (CAGR) of 13.0%, in which
the security software to grow at 9.8% and the security appliance at 16.8%.