PHOTO - Dato' Sri George Chang, Regional Director, Southeast Asia & Hong Kong, Fortinet
According to IDC, the Malaysian security appliances market grew 9.38 percent year-over-year in the first half of 2012. This compares well with the 9.32 percent for Asia Pacific and is a healthy growth rate. Growth in the unified threat management (UTM) segment was even higher, at 14.18 percent and 12.87 percent respectively.
In both Malaysia and Asia Pacific, the network security market was driven mainly by organisations seeking to protect themselves against increasingly sophisticated threats. The prominence of advanced persistent threats (APTs) and DDoS attacks reported around the world also encouraged enterprises to take greater measures to raise IT security.
We are seeing more and more SMBs (small and medium businesses) break out of their traditional apathy to respond to these concerns - some of them are purchasing new network security solutions, while others are subscribing to managed security services from service providers. Other trends spurring security adoption in Malaysia and the region are data centre virtualisation, cloud computing and enterprise mobility (or BYOD).
In addition, during 2012, a number of highly visible cyber attacks made news headlines around the world. Bursa Malaysia, Malaysia's stock exchange, reported that its website suffered a DDoS attack in Feb 2012, causing intermittent access to its website. With the enactment of Malaysia's Personal Data Protection Act which requires stringent compliance to regulations on storage and management of personal data information, Malaysian enterprises are re-assessing their enterprise security needs and infrastructure.
According to Frost & Sullivan, financial services institutions remain the primary spender in the Malaysian network security market. This was mainly driven by the strict requirement and regulations imposed upon them. The service provider vertical is also spending liberally on security, in part to meet SMBs' growing needs for managed security services.
Another market driver is the rise of BYOD, or the bring-your-own-device trend. Mobile device ownership in Malaysia is among the highest in the region. The rapid inflow of consumer-owned smartphones and tablets is also causing significant security challenges for many organisations. This presents opportunities for Fortinet to address BYOD risks in the network.
With regard to low points, the expectation of an early next general election somewhat prevented enterprises, especially the ones connected with the government, to increase their spending. This looks set to drag on beyond 2012 as it becomes increasingly likely that Malaysia's General Election will now take place in 2013 before June 2013. Once that is over, however, government network security spending will likely pick up.
In Asia Pacific, however, government spending showed good growth as the number of government websites hacking incidents worldwide increased and got publicised. BYOD adoption among enterprises was also healthy.
According to Frost & Sullivan, the Malaysian network security market is expected to witness a strong growth in the coming years, with CAGR (compound annual growth rate) predicted to hit 12.6 percent during 2012 to 2018 reaching a total market size of US$126.8 million in 2018. The market is expected to slow down in 2012 due to the high growth that happened in 2011, but growth is nonetheless expected to pick up again in 2013 after the general election.
In addition, the Malaysian government's economic transformation programme will likely encourage more foreign investment and create more SMBs. These SMBs will boost the security market - Frost & Sullivan expects the Malaysian firewall market to grow with a CAGR of 11.0 percent. With the rise of APTs and DDoS attacks, IDS/IPS (intrusion detection system/intrusion prevention system) security solutions are also likely to see a rise in demand in the coming years.
There are also continued opportunities in BYOD. More and more employees are using their personal tablets and smartphones to access the corporate network and do their work from anywhere. IT consumerisation represents an increasing risk to enterprises' information security.
As these devices are personal, and go beyond the security firewall of the organisation, it is becoming a major task to secure these devices and monitor them. We expect more organisations to deploy security solutions on their network to enforce policies and controls around what the client, data, and user can do or access.
We also see opportunities in the SMB space, not just through the sale of our entry-level appliances but also in terms of subscription-based security services run by our service provider partners. Such services let SMBs have their IT spend on an Opex rather than Capex model.
Going forward, we expect more service providers to provide managed security services, as well as create more niche security services to suit a diversified customer base. As a result, SMBs will increasingly be able to access the same levels of security traditionally enjoyed by large enterprises
Security remains critical
In 2013, security will remain critical to the survival of businesses, so we are see continued spending in this area in spite of the lacklustre economy. However, enterprises have become more discerning in their choice of vendor partner. Increasing, to win the deal, vendors need to demonstrate not only their products' performance, but their ability to provide strategic value and boost ROI. Strong customer references are also needed, and enterprises need to be convinced of a vendor's long-term commitment to the industry and their technology,
Fortinet's business model - based on the UTM (unified threat management) concept that strengthens security while easing management and reducing costs, stands us in good stead in this economic environment. According to recent IDC figures, we have been performing above market growth rates in many countries including Malaysia, and we expect this trend to carry on as we continue to invest in R&D, improve the performance of our solutions, and expand our channel ecosystem to cover new geographical areas.
In Malaysia, we are also working with government agencies including CyberSecurity Malaysia and other partners to raise security awareness in the industry and upgrade the security skills of IT professionals. Earlier this month (Nov 2012), we have been appointed by Pembangunan Sumber Manusia Berhad (PSMB) as one of their official training providers.