Why the IT Security Market Needs to be Even Greater than $60 Billion

In recent posts we’ve discussed how the shift to the cloud, the explosion of mobile usage, and the massive growth in data will help drive the next wave of productivity and economic gains for companies. But these new technologies also dramatically shif the nature of where data is, how much there is, and how it is accessed, and therefore require an entirely new approach to IT security, which is already a $60 billion market.

Information security isn’t a new battle for enterprises.  But it’s escalating. The average cost of a breach today is $188 per record in the U.S, up 18 percent from last year, according to the Ponemon Institute, with the total costs of the average data breach hitting $5.4 million. Cyberattacks, at least the ones that we know about, cost businesses about $140 billion annually, a figure that is growing. In fact, at least one in five enterprises—and likely more—has been compromised.

Target’s breach last holiday season resulted in 40 million customers having their credit or debit card numbers stolen, and personal information leaked pertaining to 110 million customers. According to Gartner, retailers spend 4 percent of their technology budgets on security, compared with 5.5 percent for banks. And clearly, it’s not enough. JPMorgan Chase, Bank of America, Wells Fargo, U.S. Bank, and PNC have all suffered recent website attacks. Even other high profile organizations, including the New York Times, Lockheed Martin, and NASA have been hit.

Beyond the shifting IT dynamics, security threats have also matured in their sophistication and magnitude. Whether it’s an internal threat from a lost iPad or malevolent employee; espionage from China or Russia; or even the socially motivated hacker group called Anonymous, almost every organization is more exposed than ever to having its intellectual property being stolen, its customer records breached, or sensitive information shared with competitors.

Clearly, new solutions are needed, as well as a fresh approach to IT security.

The explosive growth in the cloud and mobile sectors are contributing to the porosity of security at a time when the stakes have never been higher for businesses and governments. Additionally, privacy concerns, a more stringent regulatory environment, and the continuing proliferation of employee-owned mobile devices require organizations to implement increasingly sophisticated security solutions that can help them adapt to these new standards and expectations.

At Ascent, we have been investing in security technologies for over 15 years and through this experience we have learned the subtle but important industry dynamics.  We have had the good fortune to work with some great people and companies such as Guardium, Fidelis, Network Intelligence and Business Layers, and continue to focus here with current portfolio companies including:

• CloudLock, Inc, which provides enterprise class security solutions for data in the cloud
• Perspecsys, which develops solutions to enable organizations to find, protect, and use their clouds securely
• V.i. Laboratories, which develops usage tracking software and revenue recovery services

Ascent portfolio companies in the security space have been acquired by the likes of IBM, EMC, General Dynamics, Netegrity, and NetIQ. Today we’re seeing more and more incumbent security companies “innovate through acquisitions” because the landscape is evolving rapidly on both the architecture side and the threat side, so fast that it is often only small nimble startups who can provide solutions to match the needs.