The cloud-based security services market will be worth $2.1 billion in 2013 and will rise to $3.1 billion in 2015, according to Gartner.

Gartner said that growth in cloud-based security will remain strong, but revenue opportunities will vary.

"The cloud-based security market remains a viable one, offering providers many opportunities for expansion," said Ruggero Contu, research director at Gartner.

"Encryption will be a new area of growth, but it remains a complex activity. The strongest interest will be in encryption products from cloud security brokers, which are relatively easy to deploy and have options for on-premises encryption management."

Gartner predicted that the top three most sought-after cloud services moving forward will remain email security, web security services and identity and access management (IAM).

The highest growth in 2013 and 2014, however, was forecast to occur in cloud-based tokenisation and encryption, security information and event management (SIEM), vulnerability assessment and web application firewalls.

"Areas such as SIEM and IAM offer the biggest growth potential, although for SIEM this will be from a small base," said Kelly Kavanagh, principal research analyst at Gartner.

"The benefits cloud security offers — particularly encryption — are making it an increasingly popular choice. However, trust concerns and regional variations mean that providers will have to assess each market opportunity carefully before deciding which to focus on," said Kavanagh.

Overall adoption of software as a service (SaaS) applications and other cloud-based services encourages enterprises to adopt cloud-based security controls, which are delivered either as stand-alone features or as part of an integrated SaaS package.

Managed security services (MSS) are also driving adoption of cloud-based security services among enterprises.

"The benefits of deploying cloud-based security services are clear," said Kavanagh. "Aside from the broad area of IAM, specific controls, such as encryption, are becoming vital to the adoption of cloud computing. They are further helping to generate interest in this particular form of security service delivery."

Gartner expects acceptance of, and reliance on, cloud-based security-as-a-service offerings to increase, based on enterprises gaining more experience with SaaS and more consumer-grade technology being made available to corporate systems as a result of trends, such as bring your own device (BYOD).

New SaaS-based offerings that address specific security controls for cloud-based IT resources will be available in the next 24 months, from larger IT and network service providers, aimed initially at small or midsize businesses (SMBs), he said.

Gartner predicted that smaller, pure-play managed security service providers (MSSPs) will be most affected by the introduction of these services, and expects them to consolidate

"Although enterprises' interest in encryption is expected to grow, service providers' relative lack of interest in cloud-based encryption means it has remained a complex activity, requiring organizations to initiate complex, build-your-own deployments," said Contu.

"The strongest interest is in encryption products from cloud security brokers, thanks to their relative ease of deployment and their options for on-premises encryption management. Nevertheless, Gartner expects cloud hosting providers and IaaS providers to show an increased interest in cloud-based encryption capabilities." - TradeArabia News Service