The cloud security services market will experience a slow but steady rise for the next several years, meaning it’s a good time for solution providers to step up their cloud security skills and take advantage, according to a recent report by Infonetics Research.

The report, "Cloud and CPE Managed Security Services (2015 Edition)," by Jeff Wilson, principal security analyst for the research firm, predicts somewhere between 10 percent to 12 percent growth for the cloud security services market through 2018.

This growth is slightly lower but still fairly consistent with market growth from 2013 to 2014. In 2013, revenue in the market was at $6.3 billion, growing 13.5 percent in 2014 to 7.2 billion, according to the report. Projected revenue for 2015 is $8.1 billion, while in 2018 the market should represent about $11 billion in revenue opportunity.

Cloud-based revenue comes from security services and solutions sold in conjunction with broadband services, security for mobile devices/apps, Web and application hosting services, and security solutions for enterprise infrastructure that has migrated into the cloud, Wilson wrote in the report. “These solutions are tightly coupled to a specific provider’s network or infrastructure,” he wrote.

In calendar-year 2014, 30 percent of cloud-based security service revenue was from managed firewall services; 46 percent from content security; 2 percent from IDS/IPS; 8 percent from DDoS mitigation; and the rest (14 percent) from other security services.

The driving forces behind the slow but steady rise in growth of cloud security services demonstrate both the good and bad news of the current security climate for cloud computing, according to the report.

On one hand, the growth shows that there also is an increase in volume, variety and complexity of security threats of all types, from infrastructure-level threats such as DDoS attacks to extremely targeted attacks using 5+ vectors and adapting techniques based on protection detected, Wilson wrote.

Companies, too, have not been so forward-thinking in the design of their security systems, which has resulted in what Wilson calls “security product sprawl.” With security products from sometimes 10 or more vendors with no common policy, management, or reporting system in place, companies are leaving themselves vulnerable to threats and are in need of security services as they adopt the cloud.

An increase in that very adoption is another factor driving growth in the cloud security services market, Wilson wrote. As enterprise IT moves to the cloud, so security will have to follow, regardless of whether companies are ready.

Other factors driving growth in the need for cloud security services include an increased proliferation and distribution of a variety of mobile devices in the workforce—with employees using as many as five devices to access corporate data these days—and service provider investment in security services rollout to create sticky, high-margin revenue going forward, according to the report.

Security product manufacturers also are in solution providers’ corners in their quest to take advantage of the market, developing products specifically aimed at helping providers deliver managed common platform enumeration (CPE) and cloud services, Wilson said.

“The adoption of SDN (software defined networking) and NFV (network functions virtualization) in particular are will really enable providers to build agile cloud and CPE-based services, and help drive the growth we’ve forecast through 2019,” he wrote in the report.