IT security trends and forecasts

On behalf of NürnbergMesse, the market research institute Gelzsus conducted an online survey between August 19 and September 4, 2015, among 360 exhibitors of the it-sa to their Market assessment surveyed (Participation rate: 24.7 %). Below are a few results:

Despite regular reporting on cybercrime, most users (54.5%) do not react until IT security incidents have already occurred. Less than half of the companies (45.5%) focus on proactively building protective measures before an attack becomes known.

One of the most important pillars for preventing attacks on corporate IT is the establishment of an IT security concept. According to the exhibitors at it-sa, however, only every second or third customer has one. "Medium-sized companies, which are often market leaders in their niche markets, are particularly at risk," knows Stefan Kirse, Marketing Manager at TÜV Informationstechnik. While two out of three companies with 250 or more employees (68.3%) systematize security measures, the proportion drops to just over half (51.2%) for companies with between 51 and 250 employees. Only one-third (36%) of clients with up to 50 employees have an IT security concept. "Many companies implement IT security only reactively and selectively. What is needed, however, is a coordinated, regularly updated concept, individually adapted to the company and its respective risks," says Christine Skropke, Head of Marketing, PR & Internal Communications at secunet.

Long breath required

Exhibitors at it-sa were also asked about the length of time from the first consultation to a customer's decision to buy. The majority of respondents indicated a period of three to six (34.1%) or up to twelve months (36.4%). It then takes another up to three (37.6%) or six months (36.5%) for most exhibitors and their customers to complete the project. In total, therefore, up to one and a half years can be expected in many cases from the initial needs analysis to the complete installation of a protective measure.

Critical infrastructures

The IT Security Act passed in Germany in July is likely to be a key topic of conversation at it-sa from October 6 to 8, 2015. It obliges operators of critical infrastructures to increase their level of protection and report serious security incidents to the Federal Office for Information Security. 81.5% of exhibitors expect demand to increase as a result of the law. "We expect that the implementation of the industry-specific minimum standards provided for in the Act will bring a further boost in attention," explains Christine Skropke. The list of industries expected to see the biggest increase in demand is headed by the energy sector (51.7%), followed by finance and insurance (38.2%), and the two sectors of information technology and telecommunications, and healthcare (31.5% each).

Sales growth and increase in the number of employees

Exhibitors at it-sa are very satisfied with the current situation in the industry: 84.7% of those surveyed rate the economic situation as positive, 10.6% as unchanged and 4.8% expect it to weaken. Since it-sa 2014, 83.7% of the exhibitors who participated again have seen a growth in sales volume in the IT security sector. None of the exhibitors surveyed had to report a decline in sales. "Small and large companies alike are now sensitized to the topic of IT and communications security. However, many companies only became aware of the risks in the wake of the NSA affair. Since then, demand for our solutions, especially for encrypted mobile communications, has increased significantly," reports Swenja Kremer, Director of Marketing and Press Officer at Secusmart. The development of employee numbers underlines the positive trend drawn by the exhibitor survey for the IT security industry: Three out of four companies surveyed (71.7%) stated that their employee numbers had "grown" (15%) or "grown strongly" (56.7%) since last year's show.

Who provides for demand?

Which customer groups will generate additional demand for IT security products and services in the future? Exhibitors at it-sa expect demand to increase in the following sectors in particular: credit institutions or finance (59.6 %), energy suppliers, public authorities and local government (52.8 % each), healthcare (51.7 %), and manufacturing and industry (43.8 %).