The worldwide cybersecurity market increased 9.7% year on year in Q1 2020, as investment was boosted at the end of the quarter by organizations securing new remote workers in the early stages of lockdown in response to COVID-19. Total investment reached US$10.4 billion, which includes network security, endpoint security, web and email security, data security, and vulnerability and security analytics. Cisco was the leading cybersecurity vendor during the first quarter, accounting for 9.1% of total investment. Palo Alto Networks remained its closest challenger, with a 7.8% market share. Fortinet maintained its momentum and increased its share to 5.9%. Check Point was the fourth largest vendor, accounting for 5.4%, while Symantec rounded out the top five vendors with 4.7%. But growth in cybersecurity will be under pressure as IT budgets are reassessed to account for worsening economic conditions. This is despite the criticality of protecting organizations’ data assets, operations and employees from increasing threats and vulnerabilities. Consequently, planned increases in cybersecurity spending over the next 12 months will be either reduced or halted completely.
“The unprecedented shift to remote working from March resulted in strong demand for endpoint security to protect new company-deployed notebooks, as well as consumer-owned devices used as part of business continuity measures,” said Matthew Ball, Canalys Chief Analyst. “Endpoint security shipments increased 16.9% to represent 15.4% of the total cybersecurity market. This strong growth continued into Q2, as more countries implemented lockdown measures. But network security only grew 4.0% as the hardware appliance business for some vendors was affected by supply chain constraints. In addition, many organizations were able to either better use existing network access through service engagements or increase capacity through additional licenses rather than buildout new network security infrastructure. Web and email security grew 13.8% year on year as organizations continued to expand their use of cloud-based services and software-as-a-service applications, including Office 365.”
Cybersecurity vendors responded quickly to the crisis, enabling organizations to secure new remote workers temporarily, and giving back visibility and control after many had bypassed policies to ensure continuity. Cisco extended free licenses for its Umbrella, Duo Security and AnyConnect Secure Mobility Client products to both existing and new customers. It also announced its US$2.5 billion Business Resiliency Program to keep its pipeline healthy. Palo Alto Networks launched its financial services arm to offer extended payment terms, in addition to free 90-day trials for its GlobalProtect offerings. Juniper Networks provided free trials of its vSRX to customers to expand firewall capacity, as well as free trials of AppSec, IPS and SecIntel. Bitdefender aimed its 12-month free access offer at healthcare organizations, while Kaspersky also made its Endpoint Security offerings and Hybrid Cloud Security available for free to the sector. Trend Micro provided its Maximum Security product free for six months to workers having to use their own devices. McAfee offered short-term three-month burst licenses for its endpoint, DLP, Unified Cloud Edge and CASB products.
“The vendors that were quick to support existing and new customers during lockdown will stand to gain the most once organizations reassess and reprioritize their cybersecurity strategies,” said Canalys Research Analyst Ketaki Borade. “Workers will be more decentralized and work from multiple workplaces post-COVID-19. This has implications for the type of cybersecurity solutions needed, with greater emphasis on cloud security, zero-trust and policy automation. But cybersecurity spending is unlikely to be completely protected from budget cuts, as organizations adjust to deteriorating fiscal conditions.” Growth rates are expected to slow for the rest of the year, and into 2021, though there will be some uplift in certain sectors as free trials expire and customers switch to paid-for offers. Large projects are already being scrutinized, causing delays, while SMB demand fell from mid-Q2. Fewer upfront payments for multi-year contracts will be another factor over the next couple of quarters, though many vendors have already shifted much of their business to more predictable subscription models.
“The shift from high to low growth will affect all vendors. Private equity-backed vendors will look to cut costs further, while startups will accelerate their exit plans, giving larger vendors opportunities to acquire emerging technology and accelerate their strategies. Channel partners and customers will have to carefully assess the vendors they work with, in terms of support and investment to meet their evolving needs,” said Borade.