IDC defines the endpoint security software market as products designed to protect physical and virtual endpoints, such as personal computing devices such as virtual desktop infrastructure, servers, virtual workloads, and smartphones from cyber-attacks through malicious code and behavioural detection, as well as reducing vulnerabilities through attack surface reduction techniques and impact radius limitations across various operating systems (e.g., Windows, Linux, macOS, iOS, Chrome OS, and Android).
In Indonesia, companies are increasing their investments in endpoint security software to protect their assets at endpoints, such as desktop computers, laptops, mobile devices, servers, and other devices connected to the network. IDC estimates that Indonesia's endpoint security software market grows 10.8% year-on-year in the second half of 2022.
Sandika Putra, an associate market analyst with IDC Indonesia, says as companies transition to more flexible work arrangements and continue to adopt cloud, mobile and IoT technologies, there is a noticeable increase in companies' awareness of the importance of bolstering endpoint security to address cybersecurity risks to their business.
"The implementation of endpoint security software that combines preventive measures, endpoint detection & response (EDR), and robust hardening technologies plays a crucial role in mitigating attack attempts," he added.
According to the IDC 2022 Trust & Security Survey, Indonesian companies are already implementing trust and security strategies aimed at sustainability, cost savings, and business resilience. The survey also reveals that 22% of Indonesian companies express concerns about intellectual property loss resulting from increasingly sophisticated cyber security attacks.
Separately, the IDC Cybersecurity Outlook 2023 report highlights that organisations are currently grappling with growing complexity in their infrastructure environments, particularly with the adoption of multi/hybrid cloud operations.
Furthermore, the implementation of work-from-home practices has expanded the parameters that companies need to defend, posing challenges in effectively managing security across diverse platforms and environments.
Technology landscape
The endpoint security market can be divided into two segments: consumer digital life protection (CDLP) and corporate endpoint security. CDLP provides comprehensive cybersecurity solutions to protect users' devices, data, and online activities, enhancing their digital security and online experience.
Corporate endpoint security has two main components: modern and server security. Modern endpoint security protects personal computing devices by detecting malicious code and behaviours and taking appropriate actions to address threats. Server security focuses on safeguarding physical and cloud servers.
In Indonesia, CDLP is a significant portion of the endpoint market. This is expected to grow in single digits as consumers now have access to built-in or free alternatives that offer similar features, including antivirus, anti-malware, anti-phishing, and even VPN services.
In contrast, corporate endpoint security is experiencing stronger growth driven by the increasing adoption of cloud-enabled infrastructure and mobile work practices. The modern endpoint security market in Indonesia is increasing by 17.9% year-over-year. Server security is also gaining traction in Indonesia with a remarkable 28.1% year-over-year growth rate.
Corporate endpoint security is influenced by various factors, particularly the adoption of cloud-based digital business processes which introduces new risks, requiring robust security measures to protect sensitive data and critical operations.
Indonesia's position as one of the top Asia/Pacific (excluding Japan and China) spenders in IoT technologies underscores the need for strengthened endpoint protection. As the number and diversity of threats increase, organisations face significant challenges in securing endpoints, leading to adopting new approaches and tools for endpoint security.
In the Indonesian context, regulatory factors also drive the need for server security. The BSSN Regulation imposes obligations on organisations operating electronic systems to implement adequate security measures to safeguard against potential cyberattacks and enhance overall cybersecurity.
The endpoint security software market is expected to experience sustained growth as awareness of the importance of security increases in response to cybersecurity incidents in Indonesia, including high-profile data breaches involving several well-known companies in recent years. This growth will be further driven by the widespread adoption of remote work practices and the increasing use of cloud computing.