There is a familiar adage that rules are meant to be broken. In school, this might have seemed like a delightful proposition; one that many, if not too many, took up. But in the IT industry and the economy at large, it just doesn’t hold water. In fact, with compliance to ever-expanding legal obligations becoming more burdensome while also being vital to brand reputation and data integrity, there are few that want to be seen bending the law.
And with further compliance obligations on the horizon as a result of the Australian Law Reform Commission’s (ALRC) review of the Privacy Act, potential changes in influential overseas legal regimes, and other legislative reforms imminent in specific verticals, the legal pressure is only going to increase. Yet, therein lays the opportunity for IT security players.
Over the next four years, Gartner forecasts the Australian security software market to reach almost $240.4 million, up from an estimated $219.4 million this year. This represents a compound annual growth rate of 9.1 per cent and will be driven by interest in URL filtering, security information and event management software, and email security products. Clearly another area of interest helping to propel this growth is compliance concerns – a trend keenly noted by many industry observers.
“The Australian and New Zealand markets have been less interested in compliance historically, while a lot of activity for resellers and others in the US has been really compliance driven,” CA director security business unit, Andrew Kelly, said. “They have had a lot of sales to do with things like Sarbanes-Oxley, the Privacy Act of California, the Health Insurance Affordability Act, the Health Insurance Portability and Accountability Act (HIPAA) and they have had a lot of solutions that have come out and been very targeted at solving and locking down data. What I have found over a long period of time in this market is that awareness has been quite weak. However, I am seeing a change and I am seeing a new trend.”
With the increased scope of compliance concerns, combined with negative press given to those – particularly in the UK – who have suffered from data loss, people are now more aware of the issues.
“On top of that, there is going to be increased regulation due to the subprime crisis. But as part of opening up the purse strings, they are probably going to be asking for more control,” Kelly said.
This state of affairs is presenting an opportunity for those security players that are able to get up to speed on all compliance requirements and assist customers that are frequently confused by the legal regimes.
“Specific industry verticals are affected in different ways; banking and finance for example are distinctive,” Trend Micro premium services manager, Adam Biviano, said. “Government departments also have a strong focus on compliance. The situation that customers are facing is they are struggling to deal with the fact their IT infrastructure is constantly under attack now from many different angles. So how do they proceed with any degree of certainty and sign off on the various compliance mandates?”