/vnd/media/agency_attachments/bGjnvN2ncYDdhj74yP9p.png)
The network security market showed positive growth in FY 2006—07. There was
increased awareness on security-related issues, resulting in increased
compliance. Both, large enterprises and SMBs across almost all industry segments
prepared themselves for security threats and attacks. As networks have crossed
geographical boundaries, and increasingly more applications being run on them,
there is a growing realization to protect and secure information flowing over
networks, and this fuelled the market's growth. The network security market
closely follows infrastructure network deployments, and this was clearly
reflected in the growth last year. Major adopters of network security continued
to be BFSI and ITeS. The large network deployments on the telecom sector did not
reflect in their adoption of security, primarily because they are still
consolidating on their voice strategy.
Trends
There is increased consciousness of the need for information security
across the business spectrum in India. This is driven by multiple factors such
as regulatory compliance, reaction to an adverse incident, best practices
encapsulated in good governance, and insistence of business partners and
discerning clients/customers. Regulatory compulsions such as Clause 49
compliance enforced by SEBI for listed companies; reaction to adverse incident
as in the case of the dramatic metamorphosis that has happened in mPhasis;
security becoming one of the key issues discussed in board-room planning of
large enterprises as well as in the management conferences of IP-driven
industry; and adherence to standards such as ISO-27001 and COBIT, are becoming a
'must have' to get short-listed for a business opportunity or a partnership./vnd/media/post_attachments/16a41f8b24df1ed94f06b8025bc54e1a83491ff479488ba5f294bff62b9d20e5.jpg)
Indian MNCs like Ranbaxy, and Dr Reddy's, which are competing against the Big
Pharma companies need to comply with regulations like US FDA's 21 CFR Part 11
for their electronic records. As Basel-II compliance deadlines approach, Indian
banks under RBI's guidance are adopting strong network security controls under
the Operational Risk framework. The shipping companies have already strengthened
their network controls under the stipulations of ISPS, which was the new avatar
of SOLAS post 9/11. While the Indian legal system is yet to address privacy in a
meaningful way, regulations such as GLBA, HIPAA, and Whistle Blower's Act in the
US, Data Protection Act in the UK, and other equivalent laws across the EU,
Japan, and other countries of interest to Indian businesses, have already
manifested into implementation of strong controls in these businesses. The first
to adopt these controls have been the outsourcing/off-shoring industry based on
the service provided by them. For example, medical transcription companies are
compliant with HIPAA, and financial back-offices with GLBA.
The verticals leading the network security investment in India are the BFSI,
BPO/KPO, Pharma, and BioTechnology. There are specific segments of many other
verticals, which due to their relative criticality are adopting information
security controls. For instance, R&D establishments in manufacturing sector,
tendering division in construction, and data centers in virtually all businesses
are adopting InfoSec controls.
The Market
In FY '06-07, the overall security solutions market in India stood at
Rs 221 crore. The leading players in the security software services market are
HCL Comnet, Wipro Infotec, Data Craft and Secure Synergy. Security solution
implementation has emerged as a key focus area for organizations across India,
be it large enterprises or small and medium businesses.
In the last fiscal year, network controls which had become a part of the
basic hygiene were improved firewalls, AV and anti-spyware, and
content-filtering solutions for anti-phishing and anti-spam. A good trend was
that the SME sector had also adopted basic controls through an integrated
solution called a united threat management appliance. Also, large enterprises
moved towards identity and access management (IAM) solutions-a critical need
identified in SOX as well as the risk-bucket in Clause-49. There were also some
enterprises, which adopted strong two-factor authentication, HSBC being one of
the trend leaders with token-based authentication introduced for all its online
customers. With laptop theft being one of the most damaging threats, a large
number of organizations have adopted full-disk encryption solutions.
In the wake of increased information threats and rising instances of
intrusion and hacking, the worldwide market for network security appliance and
software is expected to grow to $6 bn by 2009. The security-software market has
never been so hot, or so crowded. Even the industry leaders are feeling the
fallout with more and more companies coming into the picture. The industry will
witness some major consolidations in the near future.
The Top Players (FY '06-07) | ||||
Rank | Companies | Revenue (in Rs crore) | Growth (in %age) | |
1 | HCL Comnet | 22 | 47 | 113.6 |
2 | Wipro Infotech | 27 | 38 | 40.7 |
3 | Datacraft | 16 | 30 | 87.5 |
4 | Secure Synergy | 10 | 16 | 60.0 |
Others | 40 | 90 | 125.0 | |
Total | 115 | 221 | 92.2 | |
*Others include: Nokia, Fortinet, Vintron, Sify, 3D | ||||
Service Vendors
HCL Comnet did integrated business of Rs 812 crore last year. Out of this,
revenue for network security services was Rs 47 crore. The company tops the
chart among the companies in the annual V&D100 survey. HCL currently has about
234 active customers. Major chunk of its revenue comes from its BFSI customers.
National Insurance Company and SEBI being its major clients.
In terms deployment of equipment from various OEMs, Cisco dominated their
deployments with a share of 45%. Checkpoint took a little more than 20%, and the
rest was almost equally shared between others such as TrendMicro and Juniper.
The company had 60% of its revenue from large customers, though they contributed
only 20% of the business by volumes.
With the SBI deal in 2005, Datacraft has increased its presence in 350 cities
and has more than 200 active customers. Datacraft reigned in about Rs 30 crore
from the security services business showing 87% growth over the previous year.
The SBI deal is so important for the company that it has a 500-strong workforce
only for the SBI account. VSNL, GE, Genpact, Bharti, and Syndicate Bank are some
other large customers for Datacraft.
wipro infotech's revenue stood at rs 38 crore, a 405 growth over its previous
year's revenue of rs 27 crore. the major customers were in the IT/ITeS, finance
and telecom verticals. the single largest order for network was more than $2mn.
Secure Synergy, though a small company, has put up a brave fight showing 56%
growth over the last year and registered revenue of Rs 16 crore. Its last year
revenue from network security services was Rs 10 crore.
/vnd/media/post_attachments/1e5e01625fa38382c9971f4e961ffae794cda9aea6ab9fb58b63d2e1a985dbf4.jpg)
Outlook 2007-2008
In this fiscal year, robust implementation of IAM solutions will
continue to be the focus. Data security will become the new focus area, with
strong authentication and intelligent encryption becoming the technologies of
choice. The proliferation of USB drives, PDAs, iPods, and other easy-to-miss
storage devices has made it imperative that all legitimate machines on the
corporate network are protected by an end-point security solution which renders
these alternate copying devices ineffective.
Network reliability and optimization, as corporates grow exponentially and
across multiple geographies, is becoming a key concern. On the same line,
product vendors like Symantec are foraying into security services to provide a
complete solution. Symantec is now heading towards the services turfs on the
security territory. The venture is expected to take shape by end FY-07 and is
anticipated to spike the revenue contribution of services from current 5-10% by
2010. Overall revenue targets for FY-07 are pegged at $5 bn. Network and host
based IDSs as a part of a coordinated and correlated defense will be
increasingly deployed to compensate for complacency and omission on part of
human scrutiny. The need to keep non-compliant rogue systems out of the hardened
network is urgently felt. Towards this end network admission control solutions
will be increasingly adopted to either get a visitor or remote user up to the
basic hygiene level before allowing access or to quarantine him in a segment
where the damage-potential is contained.
The year 2007 will focus clearly on security and prevention of intrusions.
Despite the constant development of sophisticated software tools to prevent
intrusions, hackers and evil-types that like to throw junk on networks and PCs
are also becoming more sophisticated and more onerous every day. In 2007, VARs,
systems integrators, and consultants will need to focus their efforts much more
on helping corporate enterprises to prevent intrusions. In fact, services in
general will become a hot commodity in 2007.
Gyana Ranjan Swain
gyanas@cybermedia.co.in