Report: Security Software Sales To Surge

Fueled by an epidemic of hack attacks and costly viruses, spending on security software is set to soar from $2.5 billion (US$) in 1999 to over $6.7 billion in 2004, according to a study released Tuesday by Gartner Group division Dataquest.

"As Internet and e-commerce applications mature, security will gain increased focus, creating more opportunity for vendors," said Dataquest analyst Carolyn DiCenzo.

Antivirus Software Leading the Pack

"With the Internet offering new opportunities for intrusion and distribution of malevolent code, software vendors are looking to strengthen and expand their security software offerings," DiCenzo said.

According to the report, the No. 1 security software is antiviral software, with 31 percent of the current market.

Most vendors offer more than one product, ranging from encryption software to antivirus software, Dataquest found. Additionally, some management software vendors -- such as Computer Associates, IBM/Tivoli and Hewlett-Packard (NYSE: HPQ) -- are increasing the focus on security in their core software offerings.

In the next few years, DiCenzo commented, services will become more important "not only in support of security products, but also as a way to deliver solutions to customers."

Year of the Hack Attacks

A study released in July by PricewaterhouseCoopers predicted that hack attacks would cost the world economy $1.6 trillion in the year 2000, while viruses are expected to add an additional $1.5 trillion to the tab, according to a report by Reality Research.

In February, a coordinated denial-of-service (DoS) attack was launched against several high profile sites, including Yahoo!, E*Trade, eBay, Amazon.com and CNN.com.

Before Netizens could catch their breath, a cyber-vandal from the Philippines launched the "Love Bug." Spread via an e-mail attachment, the virus self-replicated once opened and wreaked havoc on files around the world.

Experts estimate that the Love Bug hit 60 to 80 percent of American businesses, costing companies worldwide an estimated $2.61 billion.

According to the U.S. Federal Bureau of Investigation (FBI), 9 out of 10 companies have reported computer security breaches -- including hacking, viruses, fraud, and sabotage -- since March 1999. That study was based on more than 600 companies and government agencies.

Government Vulnerable

Notably, recent reports have shown that the U.S. government is extremely vulnerable to hack attacks. The non-partisan Congressional audit agency, the Government Accounting Office (GAO), told Congress on Monday that the government's highly touted portal, FirstGov.gov, is vulnerable to hack attacks.

Launched two weeks ago as a portal to the government's 27 million Web pages, FirstGov, according to the auditors, lacks a "comprehensive security plan and from a security standpoint, has not been accredited for operational use."

The auditors also found that "access controls" had not been independently tested and that the 11-member FirstGov board had not set a schedule for security assessments.

This instance is not the first time in recent months that the GAO has taken exception to the lack of security at government Web sites. Just last month, the auditors issued a report saying that it found security weaknesses in all 24 of the government computer systems it reviewed.

As a result of those weaknesses, determined hackers could easily break into government computers and access information ranging from Social Security numbers to defense secrets, the agency said.