IT Trends | Research

Enterprise IT Security Capabilities Begin Slow Shift to the Cloud

• By David Nagel
• 04/16/13

Identity management, vulnerability assessment, and other forms of enterprise IT security technologies are slowly moving to the cloud. According to a report released this week, just about 10 percent of all enterprise security product features will be delivered via the cloud.

In the Gartner report, "Demand for Cloud-Based Offerings Impacts Security Service Spending," survey respondents from enterprises across sectors in the United States and Europe indicated they intend to increase their use of cloud-based security tools in the next 12 months. E-mail security was the top-rated security service for 74 percent of respondents.

"Furthermore, according to Gartner, "27 percent of the respondents indicated they were considering deploying tokenization as a cloud service. Gartner believes regulatory compliance measures to comply with the Payment Card Industry Data Security Standard (PCI DSS), for example, are driving much of the growth of interest in tokenization as a service. As a service, tokenization allows security buyers to avoid having to house personally identifiable information (PII) or other confidential information. The service allows organizations to remove tokenized systems from being considered 'in scope' for PCI compliance, thus removing the burden of regulating the environment."

Security information and event management as a service was also cited as an area of potential growth.

"Demand remains high from buyers looking to cloud-based security services to address a lack of staff or skills, reduce costs, or comply with security regulations quickly," said Eric Ahlm, research director at Gartner, in a prepared statement. "This shift in buying behavior from the more traditional on-premises equipment toward cloud-based delivery models offers good opportunities for technology and service providers with cloud delivery capabilities, but those without such capabilities need to act quickly to adapt to this competitive threat."

Additional details can be found in the complete report, available on Gartner's site for registered clients. (The report is aimed primarily at VARs and security services providers, not enterprise users.) Gartner will also address these issues at its upcoming Security & Risk Management Summit, taking place June 10–13 in Maryland.

About the Author

David Nagel is editorial director, education for 1105 Media's Public Sector Media Group and editor-in-chief of THE Journal. A 22-year publishing veteran, Nagel has led or contributed to dozens of technology, art and business publications.

He can be reached at dnagel@1105media.com. You can also connect with him on LinkedIn at or follow him on Twitter at @THEJournalDave (K-12) or @CampusTechDave (higher education).