Cloud cybersecurity requires an increasingly modern approach. Tools and procedures that were once effective at diagnosing and monitoring the performance of IT infrastructure are now inadequate.
Cloud IT infrastructure is much more dynamic and distributed. They are accordingly more difficult to analyze and monitor.
In turn, this is making it harder for a company to detect problems and respond to them in a timely way.
Security Analytics and Observability were once considered distinct software markets. But they are increasingly coming together in light of new cloud cybersecurity developments to enable better threat prevention, detection and response.
This is also likely to mean more M&A activity as mergers between the two spheres make more sense and the market shifts. Those involved in the Security Analytics and Observability verticals could also be key beneficiaries as they grow faster than the rest of the cloud security software market.
Combined, Security Analytics and Observability have a large TAM, with a forecast to grow to around $28 billion by 2024, or about 11 percent compounded annually.
Core Observability and Security Analytics Poised to Grow at an 11% Annual Growth Rate to $28 billion by 2024
Looking at Tomorrow’s Cybersecurity Market
Security Analytics is the more traditional approach and is mostly related to businesses’ own application architectures.
SA uses data collection, data aggregation, and analysis tools for threat detection and security management. These tools enable an organization to look at security events to detect potential threats before they can adversely impact a company.
Nonetheless, more enterprises are building new digital services. And they are moving more of their applications to the cloud, so this traditional approach is becoming less effective.
This is where Observability comes in. Observability involves analyzing the inner workings of a system and help diagnose deep-rooted, internal issues.
In basic terms:
- Security Analytics tells cybersecurity teams that something is wrong.
- Observability enables them to understand why.
Convergence and Big Data Analytics
Combining Security Analytics and Observability as a dual approach to cloud cybersecurity advances protection by centralizing data, then enabling data and event correlation at large scale.
It will also help accelerate remediation times by establishing a centralized and automated response capability.
This means vendors will increasingly need to tie security domain expertise with robustness of data analytics and machine learning in the cloud.
Generally there will be two groups who benefit:
- Cloud cybersecurity companies who have domain expertise, but often lack big data analytics capabilities, and
- Those in the observability vertical who have developed strong capabilities in large scale data integration and event correlation, but generally lack security domain expertise
The relative strengths and weaknesses between these two groups have been vital behind M&A activity as companies look to position for this shift.
Investors in Cloud Cybersecurity
For investors looking to profit from this opportunity, cloud cybersecurity vendors may have an advantage, at least at first.
Observability players may have better capabilities when it comes to digesting and analyzing large amounts of data versus those who primarily operate in the security domain.
But the market is likely to favor converged solutions from cloud security vendors.
This is largely due to the converged group’s deeper level of domain expertise and closer relationships with cybersecurity decision-makers.
However, opportunities will also exist for Observability players among smaller and mid-market customers that operate cloud operating models. This is because of an ongoing convergence across operations, development, and cybersecurity teams for these types of customers.
Building upon core capabilities in machine learning analytics and data correlate, Observability vendors are likely to play an increasingly strategic role in this market by unifying data across teams. This can lead to real-time intelligence and faster identification and responses to cyber threats.