Compliance, regulation the impetus for increased security: IDC

By Edwin Yapp July 6, 2012

Malaysian enterprises need to relook at security holistically in order to comply with the law and regulations
Niche security player Barracuda Networks aims to double its revenue in Malaysia

PRESSURE to comply with the legal and regulatory environment in different parts of Asia is forcing more companies to relook at their security policies, procedures and technological readiness, according industry analyst IDC.

Naveen Hegde, senior market analyst, software research, IDC Asia/Pacific, noted that many countries in Asia Pacific have begun enacting laws and regulations, mandating the protection of data and the compliance to cyber security standards.

Noting that this reaction is in response to the ever growing threat of loss of data and national security, Hegde said a number of organizations have begun to assess their security needs and policies closely as they need to address compliance like never before.

“This will drive the security appliance market further,” he said in an e-mail interview. “Organizations require products that will protect against a variety of threats, lower the total cost of ownership, and offer more streamlined management. As such, IDC expects to see continued strong growth in this market segment.”

IDC defines a security appliance as a special purpose device composed of a combination of hardware, software, and networking technologies whose primary function is to perform specific or multiple security functions.

Compliance, regulation the impetus for increased security: IDC Hedge (pic) said the factory revenue for the security appliance market in the Asia Pacific excluding Japan region stood at US$1.3 billion in 2011, representing a 15.4% growth over 2010.

He added that the firewall/VPN (virtual private network) appliance was the most deployed solution in terms of revenue percentages but the UTM (unified threat management) and next-generation firewall appliance market also saw very strong growth across the region.

Asked what were the factors driving this market, Hedge noted that IDC's research shows that the security appliance market is still evolving, despite its maturity in certain solutions and that new technologies are being invested in, and introduced.

“Organizations are now looking for ways to optimize their security infrastructure to deal with real threats in a cost-effective manner and [to facilitate] easy management,” he said.

Hedge noted that application awareness and control would continue to be a key feature demanded by organizations in order to address the growing threat and attack landscape.

As far as forecast is concerned, IDC expects growth to be strong in security appliance in Asia/Pacific, with a CAGR (compound annual growth rate) of 13% and to reach US$2.7 billion in customer revenue by 2016.

“Malaysia is expected to grow with at a CAGR of 16% till 2016. Growth is coming, especially from fast-growing security appliance markets like UTM/next-generation firewall, IPS (intrusion protection systems), VPN, and the content management market.”

According to IDC, the top five vendors in terms of revenue for this segment of the market were Cisco, Check Point, Juniper Networks, Fortinet, and TopSec.

Barracuda, on the prowl

Meanwhile, security appliance specialist Barracuda Networks aims to double its revenue in Malaysia as it seeks to make further inroads into the local market with its products and services.

Speaking to the Malaysian media officially for the first time, Rick Tam, regional director for Asia, Barracuda Networks, said the company has been actively selling its products, primarily in small- and medium-sized enterprises (SMEs) in Malaysia since 2004 and is more known for one product only -- its antispam solution.

Compliance, regulation the impetus for increased security: IDC "Because we had only one product at that time and we dealt through our channel partners who would then deal with end-users, we didn't need a big team to support the market," Tam explained.

Tam added that this is also why Barracuda Networks is engaged with the media for the first time since the establishment of its office in 2004 in the capital, Kuala Lumpur.

Tam (pic) said Barracuda began diversifying its portfolio in 2007 and started to offer enterprise-grade products such as web application firewalls, next generation firewalls, load balancers, and storage products and services.

"Today, Malaysia has contributed 60% to our total revenue for the Southeast Asia (SEA) region in 2011," he noted. "Overall, Barracuda has been recording a 40% growth in revenue for the financial year between 2010 and 2011 in the SEA," he said, adding that SEA comprised Indonesia, Thailand, Philippines, Singapore and Malaysia.

Asked why Barracuda was so confident it could double its revenue growth this year, Tam said that the company is expected to close some deals involving its web application firewall with the public sector that would be bring in more of than US$100 million in the next two quarters.

In tandem with this growth, Tam also revealed that Barracuda will increase its headcount from the present two people to at least four in the same period.

Thiban Darmalingam, regional manager for Barracuda SEA, claimed that Barracuda Malaysia currently has 30 government agencies using its products and services.

Noting that Barracuda is completely channel driven, Darmalingam said that partnership with local resellers would allow it to penetrate different segments of the market.

"Our partnership with Mesiniaga, for example, would put us in contact with mid to large enterprises, while our partnership with Kabaz, would put us within reach of telcos," he said, adding that the incumbent player Telekom Malaysia (TM) is one of its customers.

Besides TM as its customer, Barracuda counts amongst its clients several multinationals including JP Morgan, Citibank, HSBC and a large Malaysian bank, which Tam declined to name.

When asked if other appliance makers such as Fortinet or Palo Alto Neworks were Barracuda's main competitors, Tam said that sometimes it partnered with some of its competitors while at other times, it may compete with them head on.

"For instance, we are not an infrastructure player and sometimes we add our appliances behind say a Cisco or Fortinet device in order to complement the solution," he explained.

What is important, Tam said, is that the needs of its customers are met without having them to commit to a "forklift upgrade," referring to a process where a customer would have to rip and replace their its existing infrastructure in order to enjoy better security features.