IT SECURITY - Ministry of Communications and Information ... and... · DEVELOPMENT AGENCY IT...

INFORMATION TECHNOLOGY INDUSTRY DEVELOPMENT AGENCY IT SECURITY Market Trends Series PRESENTED BY: MARKET ANALYTICS AND RESEARCH DEPARTMENT (MARD) SEPTEMBER 2016


IT Security – September 2016

FOREWORD

This report is a secondary research report that depicts the status and the importance of security all over the world. Since the level of connectivity is increasing and more people are going online, the need for security is growing. Moreover, with the rise of the 3rd platform technologies and the advantages of their innovations, CIOs will need to maintain high security levels within their organizations and, at the same time, take advantage of the advancements of the 3rd platform technologies.

In light of the increasing need for security, ITIDA’s MARD found it vital to prepare this report about security. The MARD team relied on several primary reports developed by one of the best market research organizations: the International Data Corporation (IDC). This report provides information about the IT security status in the GCC countries, Nigeria, and Turkey, in addition to some highlights about two sub-markets within the IT security market: the logical security products market and the threat intelligence security market.


EXECUTIVE SUMMARY

This report provides an analysis and evaluation of the current and prospective global and country-based trends of IT security. Furthermore, it presents and analyzes the trends in its adoption across the different vendors.

Methods of analysis include surveys carried out by the International Data Corporation (IDC) and its partners in the regions and countries discussed. All the findings can be found in the figures presented in the different sections.

The report sheds light on the status of IT security in the Middle East, more specifically in four of the GCC countries (the United Arab Emirates, Saudi Arabia, Kuwait, and Qatar), in addition to Nigeria and Turkey. Moreover, the report sheds light on the global status of two markets within IT security, namely the logical IT security products market and one of the competitive markets (threat intelligence security services).

Results of the data analyzed reveal that the top challenge facing the organizations in the GCC countries is the continuous rise of attacks and their sophistication in 2015. Moreover, budgeting is the top major issue organizations are experiencing while implementing IT security solutions, as reported by the CIOs in different surveys. In addition, the inability to estimate the return on investment (ROI) in security makes it difficult for the organizations to develop a business case for IT security budgets. All of the above add to the challenges and issues organizations encounter while adopting IT security internally.

Taking a closer look at Nigeria, there have been changes taking place in the country, like the increasing levels of connectivity and the increasing number of people going online and becoming mobile. However, this would increase the need for securing the endpoints. Moreover, the report emphasizes the fact that the country is suffering from cyberattacks, with the most frequent ones being malware attacks and internal breaches. Cybercriminals have been targeting some of the public websites of the government in Nigeria.

Similarly, Turkey has been a target of several cyberattacks since December 14, 2015. About 400,000 websites in Turkey were hit by many cyberattacks; these attacks were mostly targeting banks in Turkey.

The report also gives a quick view of two markets within IT security, the first one being the logical security products market. This section discusses the global status of the seven IDC security products as well as functional markets and their sub-markets. In addition to this, the top organizations within this market are highlighted.

Finally, the last section of the report also gives a quick view of the global status of one of the competitive markets within IT security, which is the threat intelligence security services market.


TABLE OF CONTENTS

1. STATUS OF IT SECURITY IN THE MIDDLE EAST, NIGERIA, & TURKEY

1.1. IT SECURITY IN THE MIDDLE EAST

1.2. IT SECURITY IN NIGERIA

1.3. IT SECURITY IN TURKEY

2. SPECIFIC SUB-MARKETS WITHIN THE IT SECURITY MARKET

2.1. LOGICAL SECURITY PRODUCTS MARKET

A. INTRODUCTION AND DEFINITIONS

B. GLOBAL PERSPECTIVE

C. COMPANY PERSPECTIVE

2.2. COMPETITIVE MARKETS: THREAT INTELLIGENCE SECURITY SERVICES

A. GLOBAL PERSPECTIVE

RECOMMENDATIONS

REFERENCES

ABOUT ITIDA

ABOUT MARD


LIST OF FIGURES

Figure (1): Security Allocation in IT Budgets in 2014

Figure (2): IT Security Budgets, 2015

Figure (3): IT Security Budgets, 2015

Figure (4): IT Security Incidents, 2014

Figure (5): IT Security Incidents, 2014

Figure (6): Security Detection

Figure (7): Top Five Enterprise Security Challenges in 2015

Figure (8): IT Security Solutions Issues in 2015

Figure (9): Security Spending Focus Areas, 2015

Figure (10): Security Spending Focus Areas, 2015

Figure (11): Spending in Nigeria

Figure (12): Percentage of IT Budget for Security

Figure (13): Percentage of IT Budget for IT Security

Figure (14): Top Five Threats to Information Security

Figure (15): Technology Implementation Plans, 2016

Figure (16): CIO Technology-Related Priorities/Challenges

Figure (17): Security Management Challenges

Figure (18): IDC’s Security Products Functional Markets, 2016

Figure (19): Worldwide IT Security Products Revenue by Segment, 2010–2019 ($M)

Figure (20): Total Worldwide IT Security Products Revenue, 2014–2019 ($M)

Figure (21): Worldwide IT Security Products 2014 Share Snapshot

Figure (22): Worldwide IT Security Products Revenue by Vendor and Segment, 2014 ($M)

Figure (23): Worldwide Enterprise Security Revenue by Top 10 Vendor, 2013 and 2014

Figure (24): Worldwide IT Security Products Revenue by Vendor and Segment, 2014 ($M)

Figure (25): Worldwide IT Security Products Revenue by Vendor and Segment, 2014 ($M)

Figure (26): Worldwide Threat Intelligence Security Services Revenue by Market, 2015–2020 ($M)

Figure (27): Total Worldwide Threat Intelligence Security Services Revenue, 2015–2020 ($M)


1. STATUS OF IT SECURITY IN THE MIDDLE EAST, NIGERIA, & TURKEY

1.1. IT Security in the Middle East

In 2015, IDC conducted a survey of the attendees of the IDC IT Roadshow and members of the IT community in four GCC countries: the United Arab Emirates, Saudi Arabia, Kuwait, and Qatar. The results of the interviews conducted by IDC are explained below; they cover several aspects such as security budgets, security challenges, investment in security solutions, and adoption of security services.

According to IDC, the 3rd platform technologies (cloud, mobility, social media, and big data analytics) are growing greatly within the organizations, leading to a transformation in the region. With the development of new devices, applications, and systems, maintenance, management, and security challenges are evolving as well.

IT departments face several challenges. They have to secure multiple endpoints and deal with the continuous growth of the endpoints as the usage of mobile devices is accelerating. Additionally, they have to manage the increasing trend for implementing IoT solutions, the growing threat landscape, and budget optimization.

The figure below shows that more than 20% of 262 organizations reported that they spent between 10% and 12% of their budget on IT security hardware, software, and services in 2014. 14% of the organizations pointed out that they spent more than 15% of the IT budget on IT security hardware, software, and services in 2014. It has to be noted that the percentage of the IT budget allotted to security differs due to several factors such as industry, organization size, the number of devices and applications, and the amount and type of data in the organization.

Figure (1): Security Allocation in IT Budgets in 2014

Q. Roughly what percentage of your IT budget was spent on IT security hardware, software, and services in 2014?

Source: IDC, 2015

Figure (2) demonstrates that 28% of the organizations planned to raise their IT security spending by between 10% and 15% for 2015. However, 22% of the organizations in the GCC planned to raise their spending by less than 10% in 2015.

[Chart for Figure (1). Axes: Percentage of Budget, Percentage of Organizations. N = 262]


[Chart for Figure (2)]

Figure (2): IT Security Budgets, 2015

Q. What are your IT security spending plans for 2015?

Source: IDC, 2015

Splitting the budget among hardware, software, and services, 37% of the GCC organizations planned to spend more on hardware than on software; however, the difference is a small one (1%). It has to be noted that organizations obtain security software in order to initiate advanced functionalities (see figure 3).

Figure (3): IT Security Budgets, 2015

Q. How is your IT security budget split between hardware, software, and services?

Source: IDC, 2015

[Chart for Figure (3). Categories: Security Services, Security Software, Security Hardware. Sample sizes shown on this page: N = 268, N = 65]


67% of the organizations reported that their systems were hit by a malware incident in 2014. As the survey shows, malware remains the most irritating incident for the majority of IT security professionals. Most of the incidents include viruses (e.g. Trojan horses), worms, and spam. The malware can cause more damage as things become more sophisticated. Figure (4) shows that some of the participants encountered incidents of server intrusion and information leak. It has to be noted that all incidents can cause some sort of information or system compromise.

Figure (4): IT Security Incidents, 2014

Q. Did your organization experience any of the following IT security incidents in 2014?

Source: IDC, 2015

Endpoints like PCs or file servers were the assets most affected by the previously discussed security incidents. While 28% of the respondents stated that web sites and online portals were usually affected by denial of service, buffer overflow, and session hijacking, the survey showed that social engineering attacks could be the reason behind many of the incidents taking place. Moreover, 24% of the corporates pointed out that their database servers were affected, most probably because of a malware attack, unauthorized access, or SQL injections (see figure 5).

Figure (5): IT Security Incidents, 2014

Q. Which of the following IT assets were affected as a result of these security incidents?

[Charts for Figures (4) and (5). Figure (4) legend: Yes, No, Don't Know. Sample sizes shown on this page: N = 275, N = 208]

Source: IDC, 2015


Figure (6): Security Detection

Q. How were these security violations discovered in your organizations?

Source: IDC, 2015

About 60% of the participants mentioned that security violations were spotted by security systems, while 50% of the organizations reported that security violations were identified when the employees reported them. This shows that when organizations have the suitable or needed solutions, they will be able to react to the security incidents. Figure (6) shows that 29% of the respondents detected vulnerabilities through spotting abnormalities in systems or operational performance. Consequently, corporates would implement the right solutions to detect these anomalies. Of the organizations surveyed, 22% reported that internal audits helped them gain better insight into their security positions and tackle violations. Organizations have to devote part of their budget to purchasing quality security systems to address or handle the attacks reactively.

One of the vital factors inspected by IDC was identifying the top challenges facing the companies. The survey showed that the biggest challenge facing organizations was the continuous rise of attacks and their sophistication. At the same time, the system cannot adapt to this progression. Lack of executive management support comes as the second challenge facing the enterprises. As non-IT executive managers may not be fully aware that there is a continuous increase in the number and the sophistication of the threats, they could be unwilling or hesitant to spend on upgrading their security systems (see figure 7).

[Chart for Figure (6). N = 234]


Figure (7): Top Five Enterprise Security Challenges in 2015

Q. Please rank your top five enterprise security challenges in the next 12 months

Source: IDC, 2015

The surveyed organizations stated that the budget continues to be the biggest concern they are facing. The reactive behavior toward security reveals that the amount allocated is not enough. The amount of money allocated to security is associated with the probability of a full-scale compromise. It is clear that enterprises cannot invest constantly in security; as a result, they must identify what aspects or systems have to be protected, and, primarily, they have to develop an accurate plan that lessens the damages that might occur (see figure 8).

The figure below illustrates that 44% of the organizations reported that the lack of user education is a huge concern when implementing IT security solutions. Most of the time, users are not aware that they are involved in social engineering incidents, or they might not be fully familiar with the organization’s security and data sharing policies. In addition, it seems that most of the time, training on security policies is not at the top of the list.

Organizations cannot calculate the ROI of security investments despite the fact that it is a vital indicator. However, enterprises are capable only of assessing the possible damage (loss of reputation, loss of business, damage mitigation, etc.) of a security breach. These challenges make it difficult for organizations to develop a business case for IT security budgets (see figure 8).

[Chart for Figure (7). Legend: 1st-ranked choice, 2nd-ranked choice, 3rd-ranked choice, 4th-ranked choice, 5th-ranked choice. N = 65]


Figure (8): IT Security Solutions Issues in 2015

Q. What were the major issues your organization experienced in implementing IT security solutions?

Source: IDC, 2015

Among the areas questioned in the survey were the security spending focus areas. Figure (9) shows that most of the organizations in the survey planned to focus their spending in 2015 on threat management (firewall, intrusion prevention and detection systems). As the growth rate of the endpoints is greatly rising because of the increasing usage of mobile devices, it is essential to deal with this issue; IT departments have to address this matter in a better way. While industries and governments are continuously issuing new regulations, compliance is one of the vital issues they have to tackle. The third focus point is security management. As the number of devices, applications, and solutions is increasing drastically, security management is becoming a vital issue to organizations; therefore, automatic malware removal is becoming an urgent matter.

Figure (9): Security Spending Focus Areas, 2015

Q. Which of the following will be your IT security spending focus areas over the next 12 months?

Source: IDC, 2015

[Chart for Figure (9). Sample sizes shown on this page: N = 250, N = 65]


Figure (10) reveals that the majority of the organizations surveyed invested in securing their PCs through antivirus protection, network, or web security solutions due to the rise in cybercrimes. Unfortunately, enterprises are unaware of the importance of securing client devices and web applications, and even if they implemented a solution, signatures are not updated on a frequent basis. The third aspect that organizations invest in is web security solutions; this is because the number of online applications and services is rising massively. Other solutions where the organizations focused their investment are network monitoring, data loss prevention, and mobile security.

Figure (10): Security Spending Focus Areas, 2015

Q. Have you invested in the following solutions due to the recent increase in cybercrime attacks?

Source: IDC, 2015

The coming two sections give an overview of the IT security market in Nigeria and Turkey and the different challenges CIOs are facing in maintaining security within their workplace. Moreover, they discuss the challenges the enterprises have to face with the rise in cybercrimes.

[Chart for Figure (10). Legend: Implemented, Considered, Neither implemented nor considered. N = 65]


1.2. IT Security in Nigeria

This section presents the results of the IDC survey conducted in Nigeria during the IDC IT Security Roadshow. The survey involved 51 IT directors and managers from various industries. The questions of the survey tackled the managers’ and the directors’ challenges and priorities for information security.

According to IDC, the government’s efforts in Nigeria to endorse or stimulate the overall usage of ICT and encourage organizations and individuals to leverage ICT systems have greatly expanded the ICT market in Nigeria. Moreover, several initiatives have been carried out to encourage the implementation of ICT in the country; for instance, the Computer for all Nigerians Initiative (CANI), the State Accelerated Broadband Initiative (SABI), and the Wire Nigeria Project (WIN).

• Overview of the IT situation in Nigeria

Connectivity has been one of the main pillars in boosting the implementation in any country. For instance, Nigeria has been investing heavily in submarine cables since 2011, by about $2.24 billion. Moreover, the end of 2015 witnessed major changes in internet usage; the number of internet users increased to more than 90 million via different methods, and the main source of internet access was nearly 97 million devices.

Since the levels of connectivity are increasing and more people are now on the internet and going mobile, enterprises in Nigeria will increase their consumption of the 3rd platform technologies (cloud, mobility, big data, and social business). Furthermore, the innovative projects carried out in Nigeria are driving organizations to offer customers more online services so that they can satisfy customer demand and hunt for new revenue sources. These innovative projects involve the following: the local Internet banking service Quickteller; online retail outlets, for example, Yudala, Jumia, and Konga; and the local activities of global digital disrupters like Uber and AirBnB.

With the high growth rates in IT investments and the development of more online activities by organizations and citizens, information security can influence the transformational strategies of industries in Nigeria. Moreover, the massive increase in the number of internet and mobile users will increase the need for securing the endpoints (the growing market necessities and the need for security with more risks of online attacks). Additionally, the growing rates of connectivity will further push the frequency and complexity of attacks, since the level of difficulty of identifying and preventing sophisticated breaches that target various industries will increase.

According to IDC, malware attacks and internal breaches are the most frequent cyberattacks that hit many online platforms in Nigeria. These cyberattacks are targeting government institutions, utility companies, financial services entities, and individuals. Cybercriminals have targeted some of the government’s public web sites in Nigeria; for instance, the web sites of the Nigeria National Research Institute for Chemical Technology, the Ministry of Foreign Affairs, the National Malaria Control Program, and the National Planning Commission.


The security flaws present on the web sites create an opportunity for hackers; the downtime also creates another challenge. Consequently, organizations have to deal with other huge negative influences. Financial loss (for financial institutions, retail and wholesale organizations, entertainment industries, individuals, etc.) and legal ramifications (for utility companies, the government, telecommunications firms, etc.) can be among the damages caused by the cyberattacks.

• The results of the CIO summit in Nigeria

The efforts exerted by the government in Nigeria (including the issuance of the Cybercrime Act of 2015) seem to be not enough as long as organizations show disinterest or unwillingness to invest in information security. The reasons behind this go back to a lack of the budgets needed for enhancing information security, lack of adherence to compliance within certain sectors, lack of IT security skills, and low user awareness.

Figure (11): Spending in Nigeria Challenges in Securing the IT Environment

Source: IDC, 2016

Figure (11) data (share of respondents):
Securing new software additions in your environment: 3.9%
Complying with government security and privacy regulations: 3.9%
Ever-increasing number of mobile clients and unmanaged devices: 9.8%
Lack of influence within the organization: 11.8%
Complex regulatory environment: 11.8%
Increasing sophistication of attacks: 17.6%
Managing security in a live 24/7 business environment: 17.6%
Lack of information security strategy: 19.6%
Employees' lack of adherence to IT security policies: 19.6%
Lack of budget: 19.6%
Shortage of IT security personnel: 23.5%
Lack of executive management support: 37.3%

Figure (11) shows that the major concern facing the IT decision makers in Nigeria is the lack of executive

management support to enable a more secure IT environment during the coming 12 months. It is important

for the CIOs to highlight ROI in order to develop a business case for investing in IT security. For instance,

CIOs can determine the losses they could suffer when downtime occurs due to a security incident. The

survey also showed that CIOs would be directing their attention towards enhancing the overall IT security

awareness inside the enterprises and highlighting the increasing necessity for securing ecosystems for digital

transformation.

The second major concern is the shortage of IT security personnel who can provide a secured IT

environment; therefore, enterprises will have to provide an automated environment, for example, and they

could upgrade the employees’ skills. Lack of budget comes in the third place as one of the major challenges

facing the CIOs, so they will need to look at other strategies to enhance security (like security services,

automation, and hybrid approaches). Then the employees’ lack of adherence to policies comes in the fourth

place as another major challenge. To deal with this concern, enterprises in Nigeria will have to implement the following strategies: security awareness training programs, adoption of data loss prevention solutions, and involvement in data classification and access exercises (see figure 11).

Figure (12): Percentage of IT Budget for Security Allocation of IT Budgets to IT Security in 2015

Source: IDC, 2016

More than 21% of the CIOs surveyed mentioned that they spent between 0% and <5% of their

budgets on securing the IT environment in 2015. In addition, more than 37% mentioned that they spent

between 5%–10%. However, the survey revealed that some of the organizations did not invest in securing

their IT environment at all. According to IDC, there is no specific information for the ultimate or optimal

percentage to be allotted to security; the percentage devoted to security depends on company size, industry,

and the number of devices, employees, and governance regulations. It is recommended that CIOs take into

account other strategies in order to have a better-secured IT environment, like security services, automation,

and hybrid approaches to security (see figure 12).

Figure (12) data (share of respondents by portion of IT budget spent on security in 2015):
More than 10.0%: 13.7%
5.0–10.0%: 37.3%
Less than 5.0%: 21.6%

Figure (13): Percentage of IT Budget for IT Security Q. How much of your IT budget do you plan to spend on security in 2016?

Source: IDC, 2016

More than 56% of the CIOs surveyed reported that they are planning to spend a higher percentage on IT

security than in 2015. Moreover, organizations tend to increase their investment in the 3rd platform

technologies; as a result, this will force them to spend more of their budget on IT security, especially since the possibility of security breaches occurring will be high as more online transactions are taking place.

Additionally, it is recommended that organizations eliminate or at least reduce downtime as soon as new

business processes are developed online. Consequently, high priority and necessary security solutions must be

implemented within the organizations to have a better-secured environment (see figure 13).

Figure (14): Top Five Threats to Information Security Q. In terms of seriousness, what are the top five threats to your organization's information security?

Source: IDC, 2016

Figure (13) chart values: 12%, 38%, 50%. Legend: Plan to spend a lower percentage than in 2015; Plan to spend same percentage as 2015; Plan to spend a higher percentage than in 2015.

Figure (14) data (share of respondents):
Cybercrime: denial of service, cyberransom, cyberterrorism: 13.7%
Data theft by employee or business partner: 15.7%
Infected USB drives: 19.6%
Network infected due to malware on mobile devices: 19.6%
System failures due to employee or business…: 23.5%
Application vulnerabilities: 23.5%
External hackers: 25.5%
Malware (trojans, viruses, worms, spam, spyware,…: 39.2%
Data loss through employee error (unintentional): 41.2%

More than 40% of the respondents denoted that the biggest threat is unintentional data loss through

employee error (see figure 14). The optimal approaches recommended for minimizing this threat are

adopting data loss prevention technologies or applying employee user policies that include the details of data

usage, maintenance, and storage. Such policies guarantee that there are guidelines for the employees to

handle the data efficiently with minimum errors. Therefore, CIOs have to train their employees on the

damage that could occur to the business.

As shown in the figure above, malware (like Trojans, viruses, worms, spam, spyware, and other malicious

code) is the second biggest threat facing the CIOs in Nigeria (39.2% as indicated in the figure above).

Therefore, for the organizations to eliminate the threats of various types, they have to provide suitable

patching. Also among the top five threats are the external and internal attacks, which constitute a large

portion of cyberattacks. It has to be noted that these attacks create serious risk to organizations since they

are directed towards crucial applications and business-sensitive information silos. Therefore, it is

recommended for the CIOs to give special attention to these threats by running monitoring applications

on a constant basis.

1.3. IT Security in Turkey

o Overview of IT security in Turkey

During the past few years, organizations in Turkey have been subjected to several cyberattacks that were

increasing in number. On December 14, 2015, several attacks started to hit Turkey’s “.tr” top-level domain, affecting about 400,000 websites. The cyberattacks were mainly targeting banks in Turkey, along with some core banking systems, online banking platforms, and point of sale systems, causing performance and accessibility problems. 2015 was a very hard and challenging year for Turkey because of the economic and

political issues. Accordingly, private and public organizations stopped their investments in IT until things

become clearer in the country. Moreover, they deferred the majority of their investment in security in 2015,

despite the fact that they do not constitute a big portion of the IT budgets. The main reason behind this is budget constraints.

According to IDC, due to the various cyberattacks organizations have been subjected to in Turkey, the

authorities will start identifying the methods that keep their national assets secured and eliminate any future

attacks. Moreover, Turkey is expected to witness a growing trend for consumer awareness of security

through publicizing the cyberattacks. It is expected that there will be a great pressure on the public and

private organizations that have not been successful in securing their business and IT assets.

o The results of the CIO summit in Turkey

Figure (15): Technology Implementation Plans, 2016 Q. Which of the following technologies/solutions and services have you implemented or plan to implement in the future?

Source: IDC, 2016

N = 75

Figure (15) data, by technology: Already implemented / 2016 / 2017
Server Virtualization: 76% / 11% / 1%
Enterprise Resource Planning: 71% / 13% / 4%
Business Continuity/Disaster Recovery Solutions: 59% / 17% / 13%
Customer Relationship Management: 56% / 16% / 5%
Managed Print Services: 55% / 9% / 4%
Analytics (Including Business Intelligence): 53% / 21% / 11%
Unified Communication Technologies: 49% / 15% / 7%
Managed Services: 43% / 17% / 8%
New Datacenter Build or Expansion of Existing…: 40% / 19% / 16%
Enterprise Mobility: 36% / 33% / 16%
Advanced Security Solutions: 35% / 33% / 13%
Hosting and Collocation in Secured Third-Party…: 35% / 15% / 12%
Private Cloud: 33% / 19% / 16%
Social Media/Social Business Initiatives: 31% / 27% / 15%
Public Cloud Services: 23% / 13% / 11%
Desktop/Client Virtualization: 16% / 19% / 21%
Software Defined Networking: 16% / 9% / 20%
Big Data Technologies: 12% / 24% / 28%

Despite the fact that security is positioned as one of the top challenges when it comes to technology, the

figure above shows that the implementation rate of advanced security solutions is still at low levels. However,

the cyberattack incidents that took place in Turkey in 2015 boosted the organizations’ awareness, where 33%

of the CIOs surveyed mentioned that they would invest in advanced security solutions in 2016.

Figure (16): CIO Technology-Related Priorities/Challenges Q. What are the biggest technology-related challenges/priorities that you face as a CIO today?

Source: IDC, 2016

According to IDC’s survey, the level of complexity and aggressiveness is still growing in the IT threat

environment. The growth of the 3rd platform technologies led to the development of IT, which makes it hard

for organizations to fully control their data and applications since the network-connected devices expand and

operations are done using cloud and social networks. Organizations also have to take advantage of the

innovations offered by the 3rd platform technologies while offering an IT environment that meets all the

needs of their employees.

Maintaining security is listed as the top challenge facing the CIOs (49% as indicated in figure 16). IT security is

not limited to the organizations only; it includes the global area, larger networks, and infrastructure (like

energy and utilities) (see figure 16).

N = 67

Figure (16) data (share of respondents):
Managing connectivity (external and internal): 13%
Ensuring IT performance: 28%
Improving utilization of IT assets (e.g., datacenters): 31%
Ensuring availability of systems and applications: 31%
Providing access to an increasingly mobile workforce: 36%
Integration of disparate systems, technologies, and operational outputs: 40%
Managing the applications portfolio: 40%
Maintaining security: 49%

Figure (17): Security Management Challenges Q. What are your top challenges in managing security at your company?

Source: IDC, 2016

3rd platform-related security challenges (from connected devices at the network edge) are pushing

organizations and their IT departments to invest more of their budgets in security, despite the fact that this

growth does not match the development going on in the threat landscape.

The figure above reveals that 42% of the CIOs list lack of sufficient IT security budgets as the top challenge

facing them in managing IT security at their companies. This goes back to the CIOs facing difficulty in

developing the case for more IT security investments, in addition to challenges they have to face with the

budgets of their overall IT management.

In addition to budget limitations, CIOs explained that they are suffering from a shortage of skilled IT

security personnel. The survey showed that there is a shortage of skilled mid-level IT security staff.

One of the main aspects for maintaining security in any organization is related to the IT departments having

to guarantee employee participation in security management. At the same time, there has to be an adoption

of advanced security policies within the organizations’ overall IT strategies. One of the challenges facing the

organizations is the lack of employee adherence to security policies. Therefore, enterprises have to conduct

some kind of awareness sessions for their employees and simulated attacks to train the employees and

observe their response to suspicious activities on different IT systems.

The next two sections discuss specific markets within the security: the logical security products market and

one of the competitive markets (threat intelligence security services). The logical security products market is

discussed on the global and company level as well.

N = 71

2. SPECIFIC SUB-MARKETS WITHIN THE IT SECURITY MARKET

2.1. Logical Security Products Market

a. Introduction and Definitions

The logical security products market consists of seven markets, each of which includes several submarkets as

shown in figure (18). According to IDC, there exists a wide range of technologies that are employed to

enhance the security of computers, information systems, internet communications, networks, transactions,

personal devices, mainframes, and the cloud. These products are used because they offer organizations

confidentiality, integrity, privacy, and assurance. Moreover, with their use, firms will have the ability to offer

security management, access control, authentication, malware protection, encryption, data loss prevention

(DLP), intrusion detection and prevention (IDP), vulnerability assessment (VA), and perimeter defense

including other capabilities. All of the previously mentioned tools are developed to help organizations gain

better security of their networking infrastructure and offer advanced value-added services and capabilities.

Figure (18): IDC’s Security Products Functional Markets, 2016

Source: IDC, 2016

The logical security products market includes the following markets as shown in figure (18); each of the

seven markets includes sub markets.

1- Identity and Access Management Security (IAM)

According to IDC, the IAM is “a comprehensive set of solutions used to identify users (employees,

customers, contractors, etc.) in an IT environment and control their access to resources within that

environment by associating user rights and restrictions with the established identity and assigned user

accounts.” The IAM market includes identity management suites, user provisioning, privileged account

management (PAM), single sign-on (SSO), advanced authentication (software for both public key

infrastructure [PKI] and personal portable security devices such as smartcards and one-time password [OTP]

tokens), and legacy authorization, like resource access control facility (RACF) and access control facility

(ACF-2).

2- Network Security

According to IDC, network security is “a combination of software, hardware, and networking technologies

whose predominant function is to protect corporate networks and network-embedded resources from

disruption caused by external threats.” As shown in figure (18), the network security market includes four

submarkets, which are firewall, unified threat management (UTM), intrusion detection and prevention, and

virtual private network (VPN).

3- Endpoint Security

This market encompasses the corporate and consumer products. The endpoint security market includes

client antivirus software, file/storage server antivirus, client antispyware software, personal firewall software,

host intrusion prevention software (IPS), file/disk encryption, and endpoint data loss prevention products. It

has to be noted that this market includes products that are mainly developed to secure endpoints against

attacks or to provide security to the information that exists on endpoints. The endpoint security is divided

into consumer and corporate segments; the corporate segment includes five subcategories, which are

antimalware, server security, security suites, access and information protection, and proactive endpoint risk

management (PERM).

4- Messaging Security

According to the taxonomy of IDC, messaging security solutions are implemented/installed on all security

platforms. The messaging security market encompasses three submarkets, which are antispam, antimalware,

and content filtering. Moreover, messaging security can include selected data loss prevention, along with

selected information protection and control technologies. It has to be noted that these products are

developed to work with applications, email, instant messaging (IM), and other collaborative applications.

5- Web Security

The products within the web security market are implemented or installed on software, appliance, SaaS, and virtual platforms. There are four submarkets within the web security market, which are URL filtering, web antimalware, web application firewalls, and web content filtering. Additionally, web security encompasses selected data loss prevention technologies. Web security is used to provide security against inbound (malware) and outbound (data leakage) threats.

6- Security and Vulnerability Management

In relation to the security and vulnerability market, “management is a comprehensive set of solutions that

focuses on allowing organizations to determine, interpret, and improve a company's risk posture.” Moreover,

software products within this market include those products that build, monitor, and enforce security policy.

They also identify the configuration, structure, and attributes for a given device. It has to be noted that the

products within the security and vulnerability management market can do assessments and vulnerability

scanning, offer vulnerability remediation and patch management, aggregate and correlate security logs, and

offer management of various security technologies from a single point of control. The security and

vulnerability market has two submarkets: security management and vulnerability assessment. These two

markets can be separated and treated individually; however, they can overlap according to the way they are

used by corporates.

b. Global Perspective

As the changes of information technology grow fast due to the external effects of the 3rd platform

technologies (mobility, cloud, social business, and analytics), the market for security products continues to

adjust or comply. The market for security products has grown at an unexpected rapid pace, reaching 7.3% in

2014 due to the external influences of the 3rd platform technologies. Three security products were the main

drivers for this quick growth, which are security and vulnerability management, network security, and identity

& access management.

According to IDC, 2015 witnessed a remarkable growth in comparison to 2014; this growth is expected to

continue until it reaches 7.4% or $35.2 billion. Moreover, IDC predicts that rapid growth will occur over the

coming few years at a CAGR of 7.0% for 2014–2019. There are various elements that drive this growth;

among these factors are the attention given to high-profile data breaches, interest in technologies developed

to sense or identify complicated threats, and risk assessment as part of cloud migration planning. As

explained, these elements, in addition to others, will continue to drive the growth behind vendor products in

the security and vulnerability management, network security, and identity & access management submarkets.

The market developments explained below are expected to influence the security products market:

Implementation of data breach support tools and services;

Lessening of risks related to the internet of things (IoT);

Remediation efforts linked to security incidents are pushing the growth of forensics and incident response products and services, modern security information and event management (SIEM) platforms, and vulnerability assessment products.

It has to be noted that those technologies forming the security and vulnerability management submarket are

expected to reach a CAGR of 10.9% through 2019. In addition, the vendors for network security are expected to continue increasing their functionality and building out their portfolios with subscription software as a service (SaaS), integration with specialized threat analysis and protection (STAP) solutions, and endpoint and cloud visibility and control. The forecasted figures of IDC reveal that the global submarket for network security is expected to grow with a CAGR of 9%, attaining $14.2 billion in 2019.

Figure (19) shows the worldwide market for IT security products revenue, which has been expected to grow

by a CAGR of 7% for the period 2014–2019; the total market has been expected to reach $45,969.4M in

2015 as shown in figure (20). Three security products will be witnessing the highest CAGR%: security &

vulnerability management (10.9%), network security (9.0%), and identity & access management (8.0%).

However, observing the figure below reveals that network security will reach the highest revenues ($14,230.0M) by 2019, which is much higher than in 2015 ($10,444.5M), followed by endpoint security, which is expected to reach $10,911.7M with a CAGR of 3.9% for the period 2014–2019, compared to $9,173.5M in 2015.

In addition, figure (19) highlights the fact that security & vulnerability comes in the third place. The revenues

for this submarket will reach $7,935.1M in 2019 with a CAGR of 10.9% compared to $9,173.5M in 2015, followed by identity & access management, which will grow by 8.0% (CAGR), reaching $7,430.1M in 2019.

Finally, web security & messaging security will grow by 3.3% and 0.8% (CAGR), respectively.

Figure (19): Worldwide IT Security Products Revenue by Segment, 2010–2019 ($M)

Source: IDC, 2015

Figure (20): Total Worldwide IT Security Products Revenue, 2014–2019 ($M)

Source: IDC, 2015

c. Company Perspective

This section gives a quick snapshot of the worldwide IT security products by company level. Moreover, it

provides the revenue share for each company and highlights the top vendors in the security market. This

section shows that the vendors in the worldwide IT security products market have achieved a huge growth of

$32.8 billion due to the attention directed towards data security and detecting modern threats. The need for

implementing specialized threat analysis and protection products to determine the targeted attacks and

advanced threats has made organizations invest more in the products that can integrate and influence existing

security infrastructure investments. According to IDC, the top 23 vendors had reached 7.1% growth rate

from 2013 to 2014, and have approached a total revenue between $500 million and $2 billion. These vendors

are: Symantec, Intel, Cisco, IBM, Checkpoint, Trend Micro, EMC, Kaspersky Lab, Fortinet, HP, Palo Alto

Networks, Sophos, Oracle, Dell, CA Technologies, Gemalto, Blue Coat, Juniper Networks, ESET, Microsoft,

AVG Technologies, Websense, and Micro Focus.

The figure below highlights the market share for the top 5 markets in the logical security products market. As

shown below, Symantec had the highest market share in 2014 (11.4%), followed by Intel and Cisco with a

6.6% market share. Then IBM came in the third place and constituted 5.4% of the total market for IT

security products. Finally, Checkpoint achieved 4.6% of the total market share.

Figure (21): Worldwide IT Security Products 2014 Share Snapshot

Source: IDC, 2015

The figure below shows that Symantec reached the highest revenue in 2014, followed by Intel and Cisco. Finally, IBM and Checkpoint reached a total revenue of $1,770.60M and $1,513.40M, respectively. These results are predictable since Symantec constitutes the largest market share as previously discussed.

Figure (22): Worldwide IT Security Products Revenue by Vendor and Segment, 2014 ($M)

Source: IDC, 2015

Figure (23) displays the top 10 vendors that reached the highest security revenue in 2014. Their rankings are

as shown in the figure, with Cisco achieving the highest worldwide enterprise security revenue in 2014.

However, when it came to the growth rate between 2013 and 2014, Palo Alto Networks reached the highest

growth rate (58.2%) compared to the other vendors, followed by EMC with a growth rate of 25.2%, and

then Fortinet, which achieved a growth rate of 23.3%. IBM came in the fourth place with a growth rate of

16.3%. HP came in the fifth place (15.0%), followed by Intel (12.4%), Checkpoint (10.2%), and Cisco (10.1%).

Figure (22) data, total revenue ($M): 2014 Total / 2013 Total
Symantec: 3,742.30 / 3,808.70
Intel: 2,162.50 / 1,999.40
Cisco: 2,160.30 / 1,962.50
IBM: 1,770.60 / 1,522.70
CheckPoint: 1,513.40 / 1,375.60

Finally, Symantec witnessed a decline in their revenues by -1.3%; the same was true of Trend Micro, with a

deterioration in revenues by -3.0%.

Figure (23): Worldwide Enterprise Security Revenue by Top 10 Vendor, 2013 and 2014

N.B.: Figure (23) excludes consumer security revenue, as Symantec, Trend Micro, and Intel Security have consumer security, whereas IBM, Cisco, and the rest of the vendors do not cater to consumers.

Source: IDC, 2015

The coming few lines highlight the five enterprises that shaped the market in 2014. The first enterprise that

achieved the highest growth rate (58.2%) between 2013 and 2014 is Palo Alto Networks. The main reason

behind this growth goes back to its UTM line; however, it has to be noted that Palo Alto Networks has a

services product besides an endpoint solution. These two products arise from Palo Alto’s focus area and give

an insight into the track that the other vendors should follow. Moreover, Palo Alto’s great availability in the

network security market has given it a chance to perform well, whereas the other enterprises are considering

UTM for the first time.

As previously highlighted, Symantec has witnessed an overall decline; nevertheless, it continues to be number

one in the security market. Symantec was among the companies that included the specialized threat analysis

and protection products through developing a line of STAP products. It has to be noted that Symantec is not

involved in the networking market like the other top four companies; it focuses more on the endpoint

market (see figure 24). It will be of interest to witness whether Symantec will follow the track of the other

endpoint-focused companies that try to include the networking market or will continue concentrating on its

main products.

[Figure (23) bar chart; series: Revenue ($M) - 2013 and Revenue ($M) - 2014]

Figure (24): Worldwide IT Security Products Revenue by Vendor and Segment, 2014 ($M)

Source: IDC, 2015

Intel witnessed a significant growth of 8.2% during 2014. Similarly, it experienced a significant growth in the

endpoint security market; on the contrary, other companies were experiencing a bad time, especially in the

consumer segment. It has to be noted that Intel has announced that it will be cutting down its product lines

in order to have a chance to direct its attention toward specific product categories and be positioned as the

top leader for those product lines. Therefore, Intel will have to depend extensively on best-of-breed vendors

for the products it will withdraw so that it can have all the security solutions. Consequently, companies will

have to direct their attention towards partner relationships, as occurred during 2013, in order to have all the

products within the security market.

Figure (25): Worldwide IT Security Products Revenue by Vendor and Segment, 2014 ($M)

Source: IDC, 2015

As for EMC, it reached a very good revenue growth rate of 25.2% in 2014. Moreover, EMC has been

performing well for all its security products. EMC continues to sustain a very good position in various

security markets, including identity and access management (IAM), policy and compliance (P&C), security

information and event management (SIEM), and forensic and incident response (FII). Finally, Cisco

witnessed a good growth rate of 10.1% in 2014 that made it the third top company in the market. This

growth mainly went back to the networking security sector, which is a sector that had been witnessing strong

growth and was expected to remain so in 2015.

2.2. Competitive Markets: Threat Intelligence Security Services

According to the taxonomy of IDC, the threat intelligence security services (TISS) market is formed of a

group of technologies that embraces predictive security, advanced threat defense, real-time threat

management, situational risk awareness, and advanced SIEM. It has to be noted that the TISS products are

provided via cloud-based portals and data libraries based on behavioral detection and customer-specific

signatures, in addition to data feeds and solutions with analysis and mitigation developed according to client

needs. These products are offered in the form of data services, SaaS, professional services, and/or as part of a

managed (or outsourced) security services engagement.

a. Global Perspective

Security services providers started to create threat detection capabilities and project-based services to face the

challenges of advanced cyber threats; as a result, the threat intelligence security services market was

developed. At the very beginning, the TISS market used to be a small market; however, currently it is

growing rapidly. According to IDC, the TISS market is predicted to grow at a CAGR of 11.3% over the period

2015–2020 and will approach $1.8 billion in 2020. Meanwhile, it has been stated that the growth in the TISS

market is decelerating for three reasons: mergers taking place between the providers, acquisition of startups,

and in-house development of threat intelligence functionality.

It has to be noted that the TISS market is characterized by being an extremely sophisticated and specialized

market that demands investment and innovation on a constant basis. The development of IoT, software-

defined networks, and cloud computing gives the opportunity for new threats to arise, which adds to the

complexity of the TISS market. The TISS market is composed of three features/fields: data feeds and

publications, consulting, and managed security services.

The forecasted figures for the worldwide market of the threat intelligence security services revenue show that

consulting services will witness the highest growth of 12.2% (CAGR) during the period 2015–2020, followed

by data feeds and publications with a CAGR of 11.8%. Finally, managed security services are expected to

reach a CAGR of 10.6% for 2015–2020.

Figure (26): Worldwide Threat Intelligence Security Services Revenue by Market, 2015–2020 ($M)

Source: IDC, 2016

The figure above reveals that the revenues for the consulting services will grow from $245.1M in 2015 to $435.9M in

2020. However, the managed security services will record the highest revenues over the coming years, as they

will increase from $541.7M in 2015 to $896.6M in 2020. Finally, data feeds and publications will approach or reach

$459.5M in 2020, which is more than the revenues for the consulting services. Observing the revenues for

the total market, the figures show that the whole market will witness a rapid growth during the coming years

as shown in figure (5).

Figure (27): Total Worldwide Threat Intelligence Security Services Revenue, 2015–2020 ($M)

Source: IDC, 2016

Data shown in Figure (26), by market ($M), for 2015, 2016, 2017, 2018, 2019, and 2020:

Consulting: 245.1, 278.8, 314.3, 352, 392.7, 435.9

Managed security services: 541.7, 603.7, 666.7, 736.1, 812.5, 896.6

Data feeds and publications: 262.7, 298.2, 335.3, 373.1, 414.5, 459.5

Data shown in Figure (27), total market ($M), for 2015, 2016, 2017, 2018, 2019, and 2020:

Total: 1,049.40, 1,180.60, 1,316.40, 1,461.20, 1,619.70, 1,792.00

RECOMMENDATIONS

Below are some guiding points for technology buyers and suppliers in the Middle East and Nigeria.

Guidance for Technology Buyers

Despite the fact that developing a business case for investing in security is a difficult task, not having

sufficient security solutions can have a major negative effect.

Offering training and awareness programs in house is important as they help in lessening the incidents

of accidental data loss and avoiding the intentional security compromises that could be caused by the

employees.

The data access rights should be outlined as well as what can or cannot be included since organizations

cannot secure everything.

Never assume that your organization is always secured or will never experience security incidents; it is

recommended that organizations at least invest in damage mitigation.

IT departments have to be involved in a data classification exercise to determine three things: what can

be accessed, who should access it, and from where.

Guidance for Technology Suppliers

Suppliers should offer help to the organizations in developing a business case for security and

calculating the ROI.

Vendors should provide organizations with user awareness and training programs.

Adopting security management and automation solutions is critical and vital, taking into consideration

that recruiting and hiring skilled IT employees is more costly than implementing external solutions.

Technology suppliers should market the necessity for holistic security and help enterprises have a better

vision of their security solutions.

In view of budget limitations and challenges, technology suppliers have to offer other options for

security delivery models in the form of services, automated systems, or consolidated security suites.

It is recommended that the vendors work closely with the IT department to enhance the level of

security awareness inside the organizations.

To deal with cybersecurity issues in the country, vendors should exert some efforts in getting involved

with governments and telecoms.

REFERENCES

Ayoub, R. (2016). Worldwide Threat Intelligence Security Services Forecast, 2016–2020: Strength in Numbers.

International Data Corporation (IDC).

Corr, E., et al. (2015). Worldwide IT Security Products Forecast, 2015–2019. International Data Corporation

(IDC).

Afolayan, B. (2016). Nigeria IT Security End User Survey, 2016. International Data Corporation (IDC).

Arac, Y. (2016). Cyberattacks in Turkey: IT Security Comes into Focus. International Data Corporation (IDC).

Corr, E. (2016). IDC's Worldwide Security Products Taxonomy, 2016. International Data Corporation (IDC).

Corr, E., et al. (2015). Worldwide IT Security Products Market Shares, 2014: Comprehensive Security Product

Review. International Data Corporation (IDC).

Kumar, M. (2015). Middle East IT Security End-User Survey 2015: Balancing IT Security and Technology

Transformation. International Data Corporation (IDC).

Melih, M., et al. (2016). IDC CIO Summit Series, 2016 — Turkey "Leading Your Organization’s Digital

Transformation". International Data Corporation (IDC).

ABOUT ITIDA

Information Technology Industry Development Agency, ITIDA, was founded in 2004

as an executive IT arm of the Ministry of Communications and Information Technology

(MCIT) to spearhead the process of developing the Egyptian IT industry.

ITIDA aspires to building momentum in the IT industry by making Egypt one of the top

global hubs for technology and business services. The agency strives to further develop

Egypt’s competitive advantage as a one-stop shop for foreign direct investors seeking to

enhance their global offering and providing the Egyptian IT industry with the right tools to

increase IT/ITES exports.

ITIDA works with an entrepreneurial and collaborative spirit to serve public and private

bodies, industry players and associations, universities, and individuals to help the Egyptian IT

industry develop as much and as far as possible. ITIDA offers a wide range of services that

helps to build the capacities of the local IT companies, attracting and servicing multinational

IT companies. ITIDA also helps to expand IT businesses by offering a unique access to

numerous markets through sponsoring and participating in the local, regional, and

international tradeshows.

ITIDA’s ambition is to build and champion a world-class IT industry that will play an

increasingly important role in Egypt’s economic growth. ITIDA’s work is characterized by

long-term commitment and substantial ongoing investment to ensure fundamentally

sustainable improvements.

CONTACTS

Address: Bldg. B121, Cairo Alex Desert Rd.,

Smart Village, Giza

Phone: 16248, 02-35342000

ABOUT MARD

The Market Analytics & Research department, MARD, was born at the beginning of the

second half of 2015 to address ITIDA’s needs of research and is considered the focal point

for secondary conducted research, and project management at ITIDA. It provides market

intelligence reports, informative advisory services, and supporting research for any

department that requires expert and reliable information on global ICT market trends,

Egypt’s profile, and statistical indicators.

The department aims to create research that supports the effective management of

businesses, and thus can be seen as one of the critical pillars upon which ITIDA is seeking to

build the competitive capacity of the industry. Through research, ITIDA is looking to

address essential business problems and shape business practice in the ICT/ITES sector.

MARD aims to help IT professionals, business executives, and the investment community

through ITIDA to make fact-based decisions on all related ICT/ITES services/products in

the Egyptian market, and to make a measurable impact in the IT sector in co-operation with

our stakeholders of local firms, NGOs, and MCIT.

CONTACTS

Address: Bldg. B121, Cairo Alex Desert Rd.,

Smart Village, Giza

Email: [email protected]

Disclaimer

This report has been prepared for decision makers’ support purposes only by the Market Analytics &

Research Department in the Information Technology Industry Development Agency (ITIDA) as a

secondary research based on reports, periodicals and surveys from reputable research firms and local

and international organizations. All references are clearly cited. ITIDA does not guarantee or warrant

the accuracy, reliability, completeness or currency of the analytical information and statistics in this

report nor its usefulness in achieving any purpose. Readers are responsible for assessing the relevance

and accuracy of the content of this report. ITIDA will not be liable for any loss, damage, cost or

expense incurred or arising by reason of any organization or firm using or relying on analytical

information in this report.