Analysis of the Security Management Market in Hong Kong

Analysis of the aegis wishment Market in Hong KongThe Security Management IndustryINTRODUCTIONSecurity concentrate oning is the combination of hardw be, softw ar package package, and go that normalizes, aggregates, correlates, and visualizes selective information from disparate aegis products. Security management is a broad confines that encompasses some(prenominal) currently distinct food foodstuff segments.With the presence of the net profit, spam is enough progressively costly and dangerous as spammers deliver more(prenominal) virulent payloads through and through email attachments. gibe to a recent IDC (2004) study, the volume of spam messages sent daily worldwide jumped from 7 billion in 2002 to 23 billion in 2004.The Hong Kong Population has increasingly net users. This boom in the electronic commerce creates ease in communication and on business transactions however this has too compromised the internal selective information surety with the presence of hac kers. Industry analysts believe that increased spending on internet shelter products and the establishment of a somatic data security policy is equ every(prenominal)y important in avoiding information leakage. Estimated information security spending in Hong Kong give r for each hotshot USD 231 million in 2003 and depart maintain a stable growth to reach USD 252 million in 2004. U.S. security products enjoy an excellent reputation in Hong Kong and should continue to dominate the grocery. agree to Braunberg (2004), a major early driver for security management products is the get to get a handle on concomitant data emanating from assault detective work systems. M some(prenominal) security management products be chiefly invadeed with the consolidation, correlation and prioritization of this type of data. These event management and correlation products address the volume of data and its composite origin, both in terms of devices and vendors.SECURITY MANAGEMENT MARKET IN HON G KONGMarket HighlightsThe continuous increase in demand for communication internation entirelyy, internet has been increasingly in demand. With the Internet in business transactions, companies expanded sales opportunities through e-commerce and reduce business costs. With the presence of Internet, companies mint broadly expand customer base.However, in spite of all these benefits that companies experienced with Internet, it has also brought some costs to companies. Internet opens up network and master of ceremoniess to external and internal attacks. In order to guard against these attacks, Hong Kong companies cast off increasingly felt the need to purchase Internet security.According to the report of HKCERT (2004), the number of PCs installed in Hong Kong has skewed to the low end. In the survey needed, it shows that 63.5% of the surveyed companies had installed 1-9 PCs and only 1.3% had installed century PCs or above.Consumer AnalysisIn the report of HKCERT (2002), industry pl ayers estimated that the Hong Kong trade for internet security products and operate in 2001 was USD 231 million and ordain reach USD 252 million in 2004. Generally U.S. internet security products atomic number 18 the major players and are enjoying an excellent reputation in Hong Kong and are continually dominating the market.Industry EstimatesThe survey of HKCERT in 2004 showed that Hong Kong companies adopted security technologies to sound their computer form attacks. The survey includes 3,000 companies from different industry sectors in Hong Kong. According to the survey anti-virus software was the most popular security measure, being used by 90.9% of the companies interviewed in 2004. Physical security (65.5%), Firewall (65.4%) and Password (60.6%) were the next three common security measures adopted (HKCERT, 2004). The information security ken of the companies in Hong Kong has increased calculateably as the percentage of companies without any security measures in place d ropped from 10.1% in 2003 to 3.6% in 2004 (HKCERT, 2004)As the survey shows, the use of firewall has significantly increased in 2004. This is due to the increasing knowingness of a number of companies that the basic security tools can not completely stop virus and because software vendors pay great effort in promoting their products.From the table above, US rank number one in the list showing that US is the major soldiery of malware in 2006. On the other hand, Hong Kong only is on the 9th place however it is still a major contributor of malware in the world.Sophos notes that up to 90% of all spam is now relayed from zombie computers, hi-jacked by Trojan horses, worms and viruses chthonic the control of hackers. This means that they do not need to be based in the analogous country as the computers being used to send the spam (IET, 2007).Sophos found that the most prolific email threats during 2006 were the Mytob, Netsky, Sober and Zafi families of worms, which together accounted for more than 75% of all give email (IET, 2007).According to the report, email will continue to be an important vector for malware authors, though the increasing toleration of email accession security is making hackers turn to other routes for infection (IET, 2007). Malware infection will continue to affect many websites. SophosLabs is uncovering an average of 5,000 new URLs hosting malicious code each day (IET, 2007).In 2006, it has been discovered that there is a decrease in use of spyware due to multiple Trojan downloaders. Statistics reveal that in January 2006 spyware accounted for 50.43% of all infected email, while 40.32% were emails linking to websites containing Trojan downloaders. By December 2006 the figures had been reversed, with the latter now accounting for 51.24%, and spyware-infected emails reduced to 41.87%.(IET, 2007)Market ChannelsIn Hong Kong, consumer-oriented products such as anti-virus, foreign companies normally market their products via local distributo rs who will then channel the products to resellers and in some cases directly to retailers. For enterprise-oriented products, which require value-added services such as system integration and after-sales support, overseas companies can go through local distributors and/or resellers. (Chau, 2003)Competitive AnalysisThe internet security market has four segments anti-virus, firewall, encryption software, and Security Authentication, Authorization Administration.Anti-virus packageAnti-virus software identifies and/or eliminates harmful software and macros. Anti-virus are more often than not software based. The major players in Hong Kong for the consumer market includes Symantec/Norton which possesses 50% of the market share in Hong Kong, Norman, Nai/McAfee, and panache little which are basically US origin (Chau, 2003). According to Chau (2003), consumers of Anti-virus are generally price sensitive and normally seek for products with established brand name.In the enterprise market of anti-virus, the major players include stylus Micro, NAI/McAfee, Norman and Symantec (Chau, 2003). According to the analysis, enterprise users will usually seek professional opinions from their I.T. service provider and are more likely to focus on brand reputation and offered features and pricing is not the main concern, although with the downturn in the economy, companies are becoming more price-sensitive (Chau, 2003)FirewallFirewall software/hardware identifies and blocks access to certain applications and data. There are two categories of firewall products software and hardware. The players in Hong Kongs software firewall market are Check Point software which dominates the market of 60% market share, Computer Associates, Symantec and Secure Computing (Chau, 2003).In the hardware firewall market, the major players are Netscreen with 50% market share, Cisco (PIX) with 20% market share, transonic Wall, Watchguard and Nokie of Finland (Chau, 2003).According to the report, the pri ce for software firewalls averages USD 20 per user. On the hardware firewalls side, the number of users and the kinds of features determine the price. A low-end firewall server costs USD 600 to USD 700, a mid-range server costs USD 2,000 to USD 4,000, and a high-end server costs USD 10,000 and above. Netscreen and Sonic Wall are quite common in small to medium-sized enterprises. Cisco targets large corporations. Brand reputation and price are the prime concerns for buyers. According to industry players, there is an increasing preference for hardware firewalls over software firewalls because the hardware firewall has a speed advantage and is easier to maintain. (Chau, 2003) encodingEncryption software is a security product that uses crypto-graphical algorithms to comfort the confidentiality of data, applications, and user identities. According to the study, the most commonly-used standards in Hong Kong are SSH, SSL, PGP, RSA, and DES. Different standards are used for different objec tives. SSH is mostly used to secure TCP connections between remote sites. SSL is commonly used in web browsers to secure web traffic. PGP is used for email encryption. RSA is for PKI system hallmark and authorization. DES or 3DES are commonly used in the banking sector. (Chau, 2003)According to the report of Chau (2003), the major players in encryption in Hong are PGP, Utimaco, F-Secure, SSH (Security Shell), and RSA.Security 3A SoftwareSecurity 3A (administration, authorization, and authentication) software is used for administering security on computer systems and includes the processes of defining, creating, changing, deleting, and auditing users.Authentication software is used for verifying users identities and avoiding repudiation. Authorization software determines data access tally to corporate policy. Administrative software includes internet access control, email scanning, intrusion contracting and exposure assessment, and security management. The major players in PKI sy stem in Hong Kong are Baltimore of UK, Verisign, and Entrust (Chau, 2003).Intrusion Detection Systems (IDS)An intrusion detection system (IDS) examines system or network activity to find possible intrusions or attacks. Intrusion detection systems are either network-based or host-based. Network-based IDS are more common.According to the report of Chau (2003), the major players of IDS in Hong Kong are ISS (Real Secure) which dominate in the market of 65% market share, Enterasys (Dragon), Symantec (Intruder Alert), Tripwire (Tripwire), Computer Associates (Entrust Intrusion Protection) and Cisco (Secure IDS). In the analysis it has been known that IDS end-users are mostly medium to large enterprises and the most significant purchasing criteria for end users are reliability and compatibility and price is not a key factor (Chau, 2003).Content Security ProductsThe major players of content security products includes Clearswift which has 50% market share, Websense which has 25% market share , switch off Micro and Serve Control (Chau, 2003).Market TrendsAccording to the report, on corporate side, the demand for network-based anti-virus would likely to increase than the demand for desktop-based anti-virus products since mostly viruses attacks are usually via internet (Chau, 2003).On the other hand, in the consumer side, consumer market would likely to fade away since consumers are downloading free anti-virus from the Internet. It is expected that ISPs will increasingly provide AV protection as a value-added service to the users (Chau, 2003).In the firewall software, it has been expected that the demand for hardware-based appliance products would likely to increase for small and medium-sized companies. (Chau, 2003)For Intrusion detection and vulnerability assessment, it is predicted that it will become very popular as enterprises will shift to a balance between internal and external threats. In addition, the distinction between host-based and network-based IDS is becomin g blurry with the creation of IDS consoles that receive data from both the network sensors and host agents. Integrated solutions will become the gallery. (Chau, 2003)Market DriverThere are several market drivers of security management market. Chau (2003) identified some of these market drivers. In his report, he enumerated three of these market drivers which includes the Internet growth, telecommuting trend, and government generated awareness of Internet security.Internet GrowthIn Hong Kong, the Internet has become the prevalent communication means between business transaction and even between employees with the increasing trend of globalization. According to Hong Kong Government survey in 2001, 1.25 million households or 61% of all households in Hong Kong has PCs of which 80% are connected to the Internet compared to 50% households with PCs in 2000 of which only 36% are connected to the Internet in 2000 (Chau, 2003). Generally, consumers are making use of the internet to send emai ls, surf the web, carry out research, conduct on line banking transactions, and make low-value purchases. The survey estimated that around 6% of all persons over 14 had used one or more types of online purchasing services for personal progenys in the 12 months before the survey (Chau, 2003).On the other hand, on the business side, more than one third of businesses in Hong Kong have internet connections. In 2001, about 12% of businesses had delivered their inviolables, services or information through electronic means which is 4% higher than that in 2000. The estimated amount of business emolument received from selling goods, services or information through electronic means in 2000 was USD 1 billion. Increased connectivity to the internet creates higher chances of hacker attacks, especially if the users have a constant live connection, such as through a DSL line. (Chau, 2003)According to the Hong Kong Commercial evils Bureau, reports of computer-related offenses increased from 235 incidents in 2001 to 210 in the first base nine months in 2002. Computer attacks had affected 5,460 computers in the past 12 months. Financial loss caused by computer-related crimes rose from USD 195,000 in 2001 to USD 236,000 in 2002. The Computer Crime Section of the Hong Kong Commercial Crimes Bureau believes that only 0.3% of the victims reported hacking incidents, fearing that doing so would damage their reputation. Facing increasing internal and external hacking threats, companies are seeking security tools to protect their network and to maintain public confidence. (Chau, 2003)Telecommuting TrendAnother major driver of security products, according to Chau (2003), is the increasing decentralization of the work force, such as mobile sales teams in the insurance industry who need to access corporate networks via PDAs. There is an increasing trend of businesses and organizations which benefit from employees ability to dial into corporate networks via the internet, however, this often creates information security risks within the organization, resulting in increased dependence on, and greater deployment of, security products (Chau, 2003).Government-generated awareness of internet securityAnother major driver of security products is the government awareness on the importance of Internet security. With this awareness, government organizations are formed. Like for example the SAR Government. The SAR Government is committed to providing a safe and secure environment to foster the development of e-commerce in Hong Kong in which has built a public key infrastructure (PKI) through the establishment of a public deposition authority and a voluntary CA recognition scheme in Hong Kong (Chau, 2003).Currently, there are four recognized certification authorities operating in Hong Kong which includes JETCO, Digi-Sign Certification Ltd., HiTRUST.Com and the Hong Kong Postmaster General. In addition to the establishment of the PKI systems, the Hong Kong Government has als o engaged substantial resources to educate the public regarding the importance of information security. For instance, the Crime Prevention unit of measurement of the Technology Crime Division of the Hong Kong Police is responsible for providing advice on all aspects of computer security. It also produces educational materials on raising computer security awareness and makes presentations on technology crime prevention topics. (Chau, 2003)In addition to the market drivers in which Chau has enumerated, there are still other market drivers of security management market. Braunberg (2004) identified two major groups of market drivers which are the near-tern market drivers and long-term market drivers. Under the near-term market drivers are manage or prevent, perimeter management, vulnerability assessment, embracing standards and the brains of the operation. Long-term market drivers include complexity and cost, device and security integration, knowledge database resources, lack of trust, on demand of computing and social engineering.Near-Term Market DriversManage or Prevent. In the analysis of Braunberg (2004), the chief driver of event management solutions is the continuing and hugely annoying number of false positives pouring out of intrusion detection systems. According to him, a counter driver to growth in the managed security segment is the emergence of intrusion prevention systems, particularly in-line solutions that can achieve real-time data blocking (Braunberg, 2004). The adoption of intrusion prevention system could inhibit spending on event management systems and security management vendors should consider these products competitive to their own (Braunberg, 2004)Perimeter Management. Security management products has evolve due tot to the demand of securing the perimeter. According to Braunberg (2004), security management solutions are evolving to integrate data from a host of perimeter products in which event management systems often evolved along separ ate lines with products for firewall, antivirus, and IDS.Vulnerability Assessments. According to Braunberg (2004), one of the near- term drivers for which end-users are of concern is understanding what the security risks are. Generally, clients are pure toneing to leverage vulnerability assessments to help prioritize emerging threats. Increasingly vulnerability data is being leveraged in event management systems (Braunberg, 2004).Embracing Standards. According to Braunberg (2004), the industry is a long way from embracing standards for sharing event information but some progress has been do over the last year. The Internet Engineering Task Forces Incident Object Description and Exchange Format (IODEF) draft specification is gaining some traction and its adoption would be a significant step forward for the market (Braunberg, 2004)The Brains of this Operation. According to Braunbergs analysis (2004), the infatuation with IPS will be short-lived unless significant improvements can be made in reducing false positives in events however security management products will increasingly play a major role in providing the analytic smarts behind IPS solutions.Long-Term Market DriversComplexity and Cost. With the increasingly complexity in the web-based business models, the more tangled is the security solutions for the end-users. According to Braunberg (2004), businesses building online strategies from starting can be overwhelmed by the initial investment of security solutions, while those trying to adapt existing solutions to evolving security concerns are besieged by nourishment costs.Device and Security Integration. According to Braunberg (2004), equipment makers are paying much closer attention to imbedded security functionality in devices and are actively attempting to integrate security as a value-added service in order to change the thinking of the end users of security products as an add-on or an extraneous component of infrastructure. In addition, vendors are looking to unite service providers with standards programs that simplify client understanding and reduce the complexity of product buying (Braunberg, 2004).Knowledge Database Resources. Another market driver for security products is to actively secure the knowledge database from attack patterns and other descriptions of the enemies. The security products vendors should reinvent a faster rejoinder to the known threats. According to Braunberg (2004), multi-product vendors particularly will look to evolve from real-time monitoring to broader real-time management.Lack of Trust According to Braunberg (2004), end users, whether they are corporate users putting a business plan on a server or a consumer buying a CD, have ingrained habits that they are not necessarily willing to give up. For example, no matter how good an online banks security system is, a consumer will have to be convinced that its services are not only as good as a brick and mortar banks services, but better (Braunberg, 2004).On demand Computing According to Braunberg (2004), the availability of ubiquitous computing resources on demand will throw out drive the need for sophisticated, highly flexible security management solutions that combine both identity management and event management. According to him, the demand for more mystical offerings such as GRID computing is the major long-term driver for security management solutions (Braunberg, 2004).Social Engineering. According to Braunberg (2004), clients are still facing risks in security that employees represent just through the human desire to be helpful, and hackers exploit this through social engineering. According to him, a component of managed security will need elements of employee training to build awareness of outside threats (Braunberg, 2004).According to the analysis of Braunberg (2004), the security segment will continually be strong in which the miscellany of interest ranges from an array of different types of companies which indica tes a leverage of controlling security function.In addition, since end users demand has also evolve in which they demand for more in-depth defensive strategies ad outdo of breed accessiones to purchasing decisions, security solution in turn has become more complex.Case Study Trend Micro EnterpriseHistoryIn 1988, Trend Micro Incorporated was founded by Steve Chang and his wife in California. Trend Micro Incorporated is a global attractor in network antivirus and Internet content security software and services. The company led the migration of virus protection from the desktop to the network server and the Internet ingressgaining a reputation for vision and technological foot along the way. Trend Micro focuses on outbreak prevention and on providing customers with a comprehensive approach to managing the outbreak lifecycle and the impact of network worms and virus threats to productivity and information, through initiatives such as Trend Micro Enterprise Protection Strategy. Tren d Micro ha grown into a international organization with more than 2,500 employees representing more than 30 countries around the globe.Many of the leading high-tech and security industry analysts have bring in Trend Micros growth and performance for the last several years, hailing the company as grotesque, citing its leading and innovation in the security industry.According to Brian Burke, IDC Research Manager, Trend Micro has agreeablely demonstrated a strong position in the Secure Content Management market. To remain successful Trend Micro has adapt quickly to market challenges and the evolution of security threats such as spyware, phishing and spam, in which financial gain has become the number one driving force. Given Trend Micros track record and its strong upward momentum, we expect the company to continue delivering innovative solutions that provide customers with timely protection against unpredictable threats.Trend Micro has clear a reputation for turning great idea s into stylish technology. In recognition of the antivirus companys scheme and vision, the analyst firm Gartner has hailed Trend Micro as a visionary malicious code management supplier for four consecutive years. Citing its flexible and efficient transnational management model, BusinessWeek acknowledged Trend Micro as one ofa new breed of high-tech companies that are defying conventional wisdom. According to IDC, Trend Micro has held the top global market share in internet gateway antivirus for six consecutive years.A history of innovationIn 1995 Trend Micro became an industry pioneer in the migration of virus protection from the desktop to the server level, with the launch of Trend Micro ServerProtec. In 1997 it launched the industrys first virus protection for the Internet gateway with InterScan VirusWall. Since then, it has demonstrated a history of innovation in server-based antivirus products that has contributed to the leadership position it holds today in this market (accor ding to the recent IDC report Worldwide Antivirus 2004-2008 Forecast and 2003 Competitive Vendor Shares.Trend Micro continues to shift the paradigms of antivirus security with cutting-edge products, services and strategies like Trend Micro Network VirusWall, Outbreak Prevention Services, and its Enterprise Protection Strategy. Trend Micro is committed to following its path of innovation to help companies manage todays ever-increasingly complex, fast- distributeing malware threats.SWOT AnalysisStrengthsBusiness and security knowledgeTrend Micro has been a pioneer and innovator in the antivirus software market since 1988, anticipating trends and developing products and services to protect information as new computing standards have been adopted around the world.Service and support excellence, that is, Trend Micro products and services are backed by TrendLabs a global network of antivirus research and support centers. TrendLabs monitors potential security threats worldwide and develops the means to help customers prevent the spread of outbreaks, minimize the impact of new threats, and restore their networks.Flexible workforce through contingent workers for seasonal/cyclical projectsLoyal, hardworking, and diverse workforce who, in addition to good compensation, have an opportunity to do wellMultinational corporation operating through regional subsidiaries to minimize cultural differencesLow employee turnoverRelatively speedy product development processes that allow for timely updating and release of new productsRevenues and profits rising at 30% a year with merger/ scholarship or investment in 92 companies over past five yearsSoftware products have high name recognition, broad-based corporate and consumer acceptance and numerous powerful features that are in use worldwide, thereby promoting standardization and competitive advantage through their ease of integration and cost-effectivenessTop rating from Fortune for best company to work at and most admired companyW orlds largest software company with global name recognition and strong reputation for innovative productsWeaknesses perceive by many as a cut-throat competitor that uses its dominant market position to marginalize competition by stealing/destroying the competitions products, stifling product innovation, and diminish the availability of competitor productsProducts have a single application focus and do not work well with or on-top of other productsReputation has suffered because of network in antitrust and permatemps Vizcaino litigationMisperceptions of securitys value or purposeOpportunitiesCheaper global telecommunication costs open new markets as people connect to the Internet in which in turn increases the need for security productsMobile phone applications and exploitation of personal digital assistants represent a growth industry so that strategic alliances could provide the company with opportunity in a market where it currently has little or no significant presenceBusiness perseverationReduced CostsPotential Revenue OpportunitiesTrend Micro holds the top market share for both worldwide Internet gateway and email-server based antivirus sales.Threats currency exchange rates affect demand for application/operation software and hardware, and fluctuating currencies can negatively impact revenues in the global marketplace break or economic slowdown in the global market impacts personal computer equipment sales and their need for an operating systems which in turn would slowdown the need for security systemsSoftware piracy of commercial and consumer applications software on a global scale threatens revenue streamsTechnology life cycle is shorter and shorterInconsistency crossways the enterpriseLoss of sponsorship or visibilityCurrent StrategyThe continuous success of Trend Micro is guided by its strategies. Innovation was always been the strategy of a technological company however in Trend Micro, innovation was not the only strategy implemented. There are many essentials that are to be considered. The current strategy of Trend Micro are the following.Focus On the Essentials and Sacrifice the RestIt is known that focus is important and essential for the success of any business. According to Steve Chang, strategy is about focusing on essential and sacrificing the rest. (Chang, 2002) in addition, according to Peter Firstbrook, program director, security risk strategies, META Group, Trend Micro has do just that, having an amazing laser-like focus on their business. And the authors of a Harvard Business School case study commented Although very entrepreneurial, Steve Chang held fast to a single strategic focus for over a decade. Rather than attempt to provide all security products to all customers, Trend Micro concentrated on developing best-of-breed antivirus solutions. (Pain and Bettcher, 2003)Trend micros consistent and persistent focus allowed the company to build their strengths and consistently leading the market.Innovation Isnt J ust About Your Software ProductsTrend Micro has many product firsts under its belt the first antivirus product for a server in 1993 the first Internet gateway protection antivirus software in 1996 the first e-mail anti-virus software product in 1998 the first Internet content security service in 1999.However, for the Trend Micro innovation applies to more than just the products. It is a distributive notion that applies to other areas of your business as well. Innovation should be seen new type of global organization and in a new service offering.According to Steve Hamm in a 2003 Business Week article, Borders are So 20th Century, Trend Micro is an example of a new form of global organization, transnational organization in which aimed to transcend nationality altogether.Hamm quotes C. K. Prahalad, a professor at the University of Michigan Business School, who says Theres a fundamental rethinking about what is a multinational companyDoes it have a home country? What does headquarter s mean? Can you fragment your corporate functions globally? (Hamm, 2003)According to Hamm (2003) Trend micro was one of the first responder to viruses which can deliver services in 30 minutes before the market leader Symantec. He commented that Trend Micro is able to respond so quickly because its not organized like most companies. (Hamm, 2003)The strategy of Trend Micro is to spread its top executives, engineers, and support staff around the world. The main virus response center is in the Philippines,