Time to get the lowdown on the cyber crime scene

With InfoSec kicking off this week Nick Booth looks at the event through the eyes of a slightly different audience

Crime is probably the world’s biggest industry, and yet there’s no such thing as a Crime Scene magazine, for the community of blaggers, thieves, fraudsters, solicitors and other associated services. (There is a definite gap in the market for a crime trade mag).

Anyone wanting to research new trends in the online crime market will have to make do with reading security blogs by the likes of Graham Cluley and Naked Security. If there is a trade event where cyber crims can keep up to date on the latest vulnerabilities, it would be Infosec I suppose. And they shouldn’t forget to read Gartner reports either, as they quantify the scale of the problem.

The growth areas for criminals, reading between the lines of Gartner’s latest report, are security information and event management (SIEM), secure Web gateway (SWG), identity governance and administration (IGA) and enterprise content-aware data loss prevention (DLP).

Cloud-based and hybrid SWG deployments are becoming increasingly popular, reports Sid Deshpande, principal research analyst at Gartner. Didn’t you just know what cloud computing would create a raft of criminal business opportunities?

Data traffic is getting exposed as it moves out of the control of traditional network security boundaries, he reports. Many cyber criminals, on hearing this news at an Infosec presentation, would leap out of their seats, high five each other and shout Woo! Woo! (as is customary at many IT events I’ve been to).

Symantec is still making the top dollars in this market but its revenue has declined for the second consecutive year. Second-placed Intel (McAfee) grew 4.6 per cent in 2014 to reach $1.8 billion. But earnings in two major markets (consumer security software and endpoint protection platforms) are declining. Thank goodness for the cloud with its ability to create new vulnerabilities.

IBM has profited from this, with its security software revenue surging by 17 per cent in 2014 to reach $1.5 billion. Its SIEM software products grew 21 per cent, as managed security service providers used it to batten down the hatches.

Data loss presents another opportunity for the criminal channels, judging by the growth of the data loss prevention (DLP) market, which grew by 15.8 per cent in 2014. Expect a surge in channel DLP (C-DLP) and "DLP lite" solutions, predicted Ruggero Contu, research director at Gartner. "Most established vendors in this space are transforming the way they deliver comprehensive DLP capabilities, and this transition period will likely impact growth in coming years," says Contu.

The cloud has brought good news and bad news. The bad news – for most of us – is that constant disruption has created the perfect environment in which criminals and psychopaths can thrive. 

On the other hand, that’s great news for the IT security channel. And great news for criminals and psychopaths. So do come and introduce yourselves if you see me at Infosec.

Read more on Data Protection Services