Market researchers at advisory firm Gartner, Inc. released today figures from their Market Share Analysis: Security Software, Worldwide, 2013 report. Among them the total value of the worldwide security software revenue last year-US$19.9 billion-which registers as a 4.9 percent increase from the US$19 billion of 2012.

The research firm cited the "commoditisation of key subsegments"-such as endpoint security and secure email gateway solutions-"and the decline in growth for two of the top five vendors." (The two vendors with negative growth last year were Symantec with -0.3 percent, and Trend Micro with -5.3 percent.)

Addressing these points specifically, Gartner research director Ruggero Contu said: "The market experienced slower, but still healthy, growth in 2013. This slightly tempered growth was partly due to the increased commoditisation of the endpoint security (particularly consumer endpoint software) and secure email gateway subsegments that in 2013 accounted for around 25 percent of the total security software market."

"Overall the larger trend that emerged in 2013 was that of the democratisation of security threats, driven by the easy availability of malicious software and infrastructure (via the underground economy) that can be used to launch advanced targeted attacks," Contu said. "This ubiquity of security threats has led organisations to realise that traditional security approaches have gaps, thereby leading them to rethink and invest more in security technology."

"The consequent involvement of the business in security purchase decisions has both a positive and negative effect on software vendor revenue," he went on to say. "With every company becoming a technology company, more organisations are now looking to leverage a multitude of data points to become more competitive. This desire to become more digital brings with it its own challenges in terms of securing this data to prevent data breaches and to protect against advanced targeted attacks."

The top five security software vendors in 2013: Symantec with 18.7 percent market share and made US$3.74 billion, McAfee with 8.7 percent and made US$1.74 billion, IBM with 5.7 percent and made US$1.13 billion, Trend Micro with 5.6 percent and made US$1.11 billion, and EMC with 3.8 percent and made US$760 million. Other vendors accounted for 57.5 percent of the market, which saw the total revenue of US$11.48 billion.

The top four vendors-Symantec, McAfee, IBM and Trend Micro-together accounted for 39 percent of the total security software market, according to Gartner researchers, who also pointed out that "this is the first time in many years that a broad portfolio vendor [defined as a non pure-play security vendor] such as IBM has been able to enter the top three.

They further provided a regional look at their numbers. "From a regional perspective, the top three regions ranked by year-over-year growth were Emerging Asia/Pacific (12.8 percent), Greater China (11 percent) and Eurasia (9.3 percent)," they said. "The three largest regions (North America, Western Europe and Mature Asia/Pacific) accounted for 83 percent of the total security software market in 2013, but displayed a cumulative growth of 4.1 percent, which is slightly below the market average of 4.9 percent." (Mature Asia/Pacific markets in Gartner's market definition covers those of Japan, Australia, New Zealand, Singapore, South Korea, Hong Kong and Taiwan; Emerging Asia/Pacific markets are outside of these geographies.)

Contu offered up additional insights on these numbers. "The slower-than-average growth for security software in mature markets is due to the saturation of key segments of the technology market and the highly competitive nature of security deals, driven by an expansion of vendor capabilities into adjacent areas and the continuation of mergers and acquisitions," he said. "The high penetration rate of consolidated and mature technology areas such as consumer security software, endpoint protection and secure email gateway, has resulted in increased pricing pressure, along with the bundling of capabilities in suite offerings in the identity and access management space (user provisioning and Web access management), which leads to a slowdown in discrete new licence revenue."