Microsoft Teams now ‘bigger than Slack’


Keumars Afifi-Sabet

12 Jul, 2019

The number of individuals using Microsoft’s flagship workplace hub has soared in the last few months to leave its key competitor – Slack – in the dust, figures released by the firm show.

Two years after Microsoft launched its Teams platform, which is part of the firm’s Office 365 suite of apps and services, the company is boasting the digital workspace has more than 13 million active daily users.

This is one-third more than Slack’s 10 million daily user count according to the latest figures the company has disclosed. Active weekly users for Microsoft’s service, meanwhile, stand at 19 million.

The feat is more staggering considering that Microsoft’s platform was lagging behind its rival as soon as April this year, according to a chart the company produced.

Microsoft Teams owes its recent success to auto-inclusion with the 365 suite of apps and services

The pace of growth has been sharp but will not come as a surprise considering the number of organisations that are reliant on Microsoft Office 365, of which Teams is an integral component.

Distributing Microsoft Teams to its pre-existing customer base has likely been a huge factor in its growth since it was first launched two years ago.

The company says Teams now boasts a user base of 500,000 organisations. Slack, meanwhile, has more than 85,000 paid-for organisations, according to its latest figures, but the total number of businesses signed up to the workplace hub has not been disclosed.

Microsoft has also used this opportunity to introduce a raft of additional features for the workplace app, including priority notifications and read receipts for private chats.

Announcements can allow team members to flag important news in a channel, while cross-channel posting saves time on copy-and-pasting the same message to different audiences.

IT administrators are also being helped to deploy the Teams client and manage policies for every member within an organisation. Pre-defined policies, in areas like messaging and meetings, can be applied to employees based on the needs of their individual roles.

Slack itself recently announced a number of updates to its functionality and user interface. These span shared channels with customers and vendors, as well as added integration between email and calendars.

Commenting on Slack’s IPO a few weeks ago, vice president and principal analyst with Forrester, Michael Facemire, said Slack’s success will be determined by how well it can penetrate enterprises.

“Can Slack prove to the enterprise buyer that it is more than a chat app, more than a collaboration tool, but instead an enterprise collaboration platform? If Slack can do this, expanding out of a tech-savvy user base and into all parts of the business become much easier, as it starts to do work for everyone.

“The next challenge is selling its service into the enterprise. Many companies have multiple instances of free Slack in use. But this group of users face their first hurdle when these free accounts need enterprise governance (single sign-on, message retention rules, etc).

“Will Slack be able to prove the value of both paying the fee and doing the work to integrate with existing systems? This question will also signal how quickly it can succeed in an enterprise market.”

Cloud Pro approached Slack for comment and an update on its active daily user count, but hadn’t received a response at the time of publication.

Thousands of sites fall to Magecart ‘spray and pray’ attack


Connor Jones

12 Jul, 2019

More than 17,000 domains have been compromised in an attack launched by the prolific hacking group Magecart, according to attack surface management firm RiskIQ.

The attack preys upon websites with leaky Amazon S3 buckets, an attack method seen all too often despite them now being protected by default. The researchers said that anyone with an AWS account could read or write files in the affected buckets.

The attackers scanned the web for misconfigured buckets to see if they had any Javascript files they could download and add their skimming code, overwriting the script on the bucket.

Magecart was trying to run scripts on websites to glean and make off with payment information that can then be sold on for profit. It wasn’t just smaller websites affected by the attack, some of the 17,000+ compromised websites fell into the top 2,000 Alex rankings.

The problem with the attacker’s methodology is this type of skimming attacks rarely works on payment pages of websites, which makes the chance of a successful attack low compared to a more considered, targeted approach.

But the Magecart group could still enjoy “a substantial return on investment” due to the range of the attack. “The ease of compromise that comes from finding public S3 buckets means that even if only a fraction of their skimmer injections returns payment data, it will be worth it,” said Yonathan Klijnsma, threat researcher at RiskIQ, in a blog post.

“Perhaps most importantly, the widespread nature of this attack illustrates just how easy it is to compromise a vast quantity of websites at once with scripts stored in misconfigured S3 buckets,” he added. “Without greater awareness and an increased effort to implement the security controls needed to protect the content stored in these buckets from theft or alteration by malicious attackers, there will be more – and more impactful – attacks using techniques similar to the ones outlined in this blog.”

Exploiting misconfigured Amazon S3 buckets is a common attack method used time and again by opportunistic cyber criminals.

Earlier in the year, Facebook apps Cultura Collectiva and At the Pool became victims of a similar attack, with the cyber criminals making off with 540 million records, including users’ names, IDs and comments made through Facebook’s social integration.

“Like any other security procedure, security policies are a good mechanism for protecting the access to your S3 Bucket, but it needs to be used the right way,” said Boris Cipot, senior security engineer at Synopsys. “It has to be understood, and the user needs to know what they are doing when applying those policies to their buckets.

“Unfortunately, misconfigured policies then can lead to examples like those where the attacker can identify buckets with those misconfigured policies and modify the content on them,” he added. “Every user should have a good understanding of what they’re doing, but if this is not possible, leave it to professionals that know how to handle security.

“On the other hand it would be nice to see if Amazon could make a policy screening functionality were they could identify such misconfigured policies and warn the user – or in some cases even forbid the usage of loose policies.”

Other notable examples of devastating attacks made possible by leaky buckets include the leak of data belonging 120 American households by Experian. The NSA, WWE and Accenture also suffered similar attacks.

The future looks bright, however. According to reports, since Amazon enabled encryption for buckets by default, the number of exposed files has plummeted to less than 2,000 whereas the number was in the region of 16 million beforehand.

How public cloud continues to drive demand for cybersecurity solutions

Ongoing investment in cybersecurity solutions continues to grow. According to the latest worldwide market study by Canalys, cybersecurity solutions for public cloud and 'as a service' accelerated in the first quarter of 2019. Those deployment models collectively grew 46 percent year-on-year.

These type of solutions accounted for 17.6 percent of the total cybersecurity market value — that's up from 13.8 percent in the same period a year ago. Virtual security appliances and agent solutions also grew significantly, up by 18.2 percent on an annual basis.

Cybersecurity solutions market development

Traditional security hardware and software deployments still dominate, representing almost 75 percent of the total market. Both deployment models continued to grow but at a slower rate of just over 8 percent. This growth highlights the ongoing transition in cybersecurity solutions, as organisations look to protect more data assets and workloads located in the public cloud.

Moreover, IT vendors have introduced new ways of doing business with channels and enterprise customers in terms of purchasing, consumption and servicing — as well as helping simplify security operations within increasingly complex IT environments.

The worldwide cybersecurity market reached $9.7 billion in terms of shipments in the latest quarter — that's up 14.2 percent from $8.5 billion in Q1 2018.

 

 

According to the Canalys assessment, enterprise IT investment in cybersecurity shows no sign of slowing down. "The security industry will be immune to the increasingly challenging macro-economic and political environment," said Matthew Ball, principal analyst at Canalys.

There's a troubling trend that has raised awareness about the ultimate cost of an inadequate defense to counter online criminal activity. Recent high-profile ransomware attacks have resulted in some organisations paying large sums to regain access to critical IT systems and their related data.

Strengthening security strategies across devices, infrastructure, perimeters and applications will continue to be critical. Increasing employee training and gaining more comprehensive cybersecurity insurance will also be important.

As new cyber threats appear in the online arena, more security software startups will likely emerge, adding to an already crowded market. Product differentiation will be key, but also offering customers a choice of deployment models and simplified licensing will be vital.

Outlook for cybersecurity solutions growth

The challenge for enterprise organisations in both the public and private sectors is to maintain pace with the evolving and diverse range of online security threats. Many think they're too small or not high-profile enough to be targeted, but online hackers will seek to exploit any IT vulnerabilities.

This threat landscape is creating opportunities for IT channel partners to expand their capabilities to provide more holistic cybersecurity offerings to assess, recommend, deploy, integrate and manage multi-vendor solutions and services incorporating several deployment models.

Overall, the channel represented 92.3 percent of the cybersecurity solutions shipment value in the first quarter of 2019.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Does the rise of edge computing mean a security nightmare?

What do we mean by edge computing? In a nutshell, with edge computing you are processing data near the edge of your network, where the data is being generated, instead of relying on the cloud – or, more specifically, a collection of data centres.

As a relatively new methodology, computing at the edge invites new security challenges as you are looking at new setups or new architecture. Some say that you have to rely on vendors to secure your environment when you start computing at the edge. Those that champion edge computing claim that computing at the edge is safer because data is not traveling over a network but others see edge computing as being less secure because, for example, IoT devices are easily hacked.

And there are many ways to think about edge computing including smartphones. After all, if you consider the security and privacy features of a smartphone where you are encrypting and storing some kind of biometric information on the phone then you effectively take away those security concerns from the cloud and place them ‘next’ to the user, on their phone. 

With edge computing, you are effectively running your code on the edge. But running your code on the edge brings about specific security challenges because it's not within your stack or within your security environment – even though it is running on the edge it may still sometimes require queries from the back end, from the application. This is the main security concern when running a serverless environment and, in general, when running code on the edge. Where IoT devices are concerned, you run some of the code on the device itself (your mobile device or your IoT device) and you need to secure this. 

The massive proliferation of end user endpoint devices could turn out to be an edge computing headache for many organisations. A single user might have multiple devices connected to the network simultaneously. The same user will undoubtedly mix both personal and professional data (and applications/profiles) onto a single device. In most scenarios, endpoint security tends to be less than robust, whereby this user could (unwittingly) expose the organisation to serious risk and accompanying losses or exposure to malicious viruses. Many of these devices are not only very insecure, but they can’t even be updated or patched – a perfect target for hackers.

And 5G will certainly cement the era of edge computing. In general 5G should be a wonderful thing because it will accelerate the use and development of real time applications. But when you have more data going through a device you need more control of that data and you will need tools that allow an organisation to control that data from a security perspective.

The IoT and 5G relationship will see huge numbers of IoT devices feeding a huge amount of data to the edge. Currently however, none of the security protocols on IoT are standardised which highlights the biggest security risk of 5G. That is to say, your smart fridge in the kitchen currently has no standard for how it secures and authenticates with other smart devices. Base-level security controls are therefore required to mitigate such risks.

In the wider business world there will be a massive shift of computing function to the edge. When organisations rely less and less on data centres, (they will end up virtually ‘next’ to the workforce), then securing the endpoint edge means encrypting communications and ensuring that security devices are able to inspect that encrypted data at network speeds. Devices also need to be automatically identified at the moment of access, and appropriate policies and segmentation rules applied without human intervention. They also need to be continuously monitored, while their access policies need to be automatically distributed to security devices deployed across the extended network.

Organisations ultimately want to protect their data and they want to protect their production. When you are computing at the edge you are working with data at the edge and not in your workload. From a security point of view therefore, you need to secure the data both in transit and at rest. This security challenge is currently undertaken largely vendors and ultimately the security protocols underwritten by the big cloud providers such as AWS for example.

However, it is a mistake to believe that edge technology inherits the same security controls and processes that are found with the likes of AWS or the public cloud. Computing at the edge can cover all kinds of environments which are often remotely managed and monitored; this might not offer the same security or reliability that organisations are used to seeing with the private cloud. Ultimately it is the responsibility of the customer to properly vet potential vendors to fully understand their security architectures and practices.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Google Cloud to acquire storage provider Elastifile, further reinforces enterprise ambitions

Google Cloud’s focus on the enterprise continues apace, with the company announcing its intent to acquire Santa Clara-based cloud storage provider Elastifile.

Elastifile offers cloud-native file storage which promises an enterprise-grade distributed file system, as well as ‘intelligent’ object tiering. While the company had been somewhat under the radar – its most recent funding round of $16 million in 2017 was a little lower than average for cloud storage series Cs – its product set is bang on target for enterprise pain points. The company argues its set of features mean organisations do not need to refactor their apps when migrating to the cloud.

Google plans to integrate Elastifile with Google Cloud Filestore – and writing a blog post confirming the news, Google Cloud CEO Thomas Kurian noted the synergies between the two companies.

“The combination of Elastifile and Google Cloud will support bringing traditional workloads into [Google Cloud Platform] faster and simplify the management and scaling of data and compute intensive workloads,” wrote Kurian. “Furthermore, we believe this combination will empower businesses to build industry-specific, high performance applications that need petabyte-scale file storage more quickly and easily.

“This is critical for industries like media and entertainment, where collaborative artists need shared file storage and the ability to burst compute for image rendering; and life sciences, where genomics processing and machine learning training need speed and consistency; and manufacturing, where jobs like semiconductor design verification can be accelerated by parallelising the simulation models,” added Kurian.

From the Elastifile side, CEO Erwan Menard outlined the rationale behind the move. “As we join the Google Cloud team, we are eager to build further upon our joint success, providing even more value to our customers,” Menard wrote. “Together, we are absolutely convinced that joining Google Cloud will enable us to serve the market with the best file storage service in any cloud, developed in a stimulating environment where our team members will continue to thrive.”

In June, Google Cloud welcomed business intelligence platform Looker into its ranks in what was reported as a $2.6bn (£2.05bn) all-cash transaction. The move was seen as a further indication of Google’s move into multi-cloud, in particular bringing together data from various SaaS applications – another important element for enterprises to consider.

Since Kurian took the top job at Google Cloud plenty has been discussed around the company’s ongoing ambitions, both for enterprise and multi-cloud. During his first public speaking gig in February, Kurian noted his plan to hire more sales staff and focus more aggressively on larger, traditional companies. At Google Next in April, the latter went a step further, with Google announcing its cloud services platform Anthos would accommodate AWS and Microsoft Azure.

Financial terms of the acquisition were not disclosed.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Dropbox launches email alternative ‘file-transfer’


Bobby Hellard

10 Jul, 2019

File hosting platform Dropbox has launched a file-sharing service called ‘Dropbox Transfer’, as a form of alternative to email.

According to the company, which recently reinvented itself with a new design, email has limitations. You can only attach files up to a certain size and its not always clear if your recipients have received them.

“Transfer offers the convenience of email, without the 25 MB limit on attachments,” the company said. “With Transfer, you can send up to 100 GB of files – five times what some other services allow – in just a few clicks.

With Dropbox Transfer, users will have the option to drag and drop files to upload from their computer or skip the wait by adding items stored in Dropbox. Once they’ve created a transfer, they’ll get a link that can be pasted anywhere. This link can be sent to anyone, even if they don’t have a Dropbox account, the company said.

Recently an email platform called Superhuman hit the headlines after it was revealed it used ‘read receipts’ which tracked when and where emails were opened – without consent. Dropbox seems to have added a similar feature – sans the location tracking – where users can customise their transfers with notifications for when they’ve been opened – and also how many times.

There’s also a set of tools to create bespoke designs for a more professional look, where logos and branding can be added, rather than just a simple shared file link.

Dropbox Transfer opens today as a private beta, regardless of whether you’re using a free or paid account. There’s a beta waiting list on the company’s website for those that want to try the new service out.

Is it time to drop Dropbox?


Barry Collins

23 Jul, 2019

Like the 20-goal-a-season striker who turns up in the manager’s office asking for a new contract, Dropbox is good – and it knows it. That’s why it’s turning the screw on free users, enforcing significant price rises on subscribers and doing its level best to turn the red ink on its profit-and-loss sheet to black.

The warning signs literally started appearing in March, when free users suddenly received alerts that they couldn’t install Dropbox on new devices because the company had imposed a strict three-device limit. Any devices you had linked to Dropbox prior to March would remain so, but if you subsequently tried to add a new one, you couldn’t just swap one of the old devices out – you had to reduce the number of devices on your account to two and then add the new one.

Want the freedom to install Dropbox on as many devices as you like again? Well, step right over here and take out one of Dropbox’s subscription plans, from the bargain price of £5.99 per month. Except that price didn’t last long. Last month, Dropbox imposed 20% price rises across the board, meaning the cheapest subscription plan now costs just shy of £100 a year, or £7.99 per month. If you don’t want to pay a year’s subscription in advance, that’s hiked up to £9.99 per month or £120 a year.

To be fair to Dropbox, it has increased the amount of storage available to paid-for subscribers. Plus users have seen their storage quota double from 1TB to 2TB, and the service has rolled out several new features, including the ability to “rewind” your entire Dropbox should ransomware encrypt all your files and demand you immediately shuttle £500 to Sergei in Moscow to get them back.

That Dropbox is brilliant is not in question. I’ve used it for personal and business files for years and I can count on the fingers of one hand the number of times it’s let me down. And because I’ve managed to harvest chunks of extra storage by recommending Dropbox to friends and buying certain devices over the years, I’ve not had to pay for it.

But now I feel like I’m being boxed in by Dropbox. The three-device limit will eventually bite me (I currently have it installed on no fewer than 21 devices, although a good chunk of them are sitting unused in my kit cupboard) and Dropbox is so firmly integrated into my work and personal life that I’d struggle to get by without it. Almost any app or productivity software you can think of integrates with Dropbox – no other service offers the same carefree file syncing.

So at some point soon I’m going to be faced with a choice. Do I pay up and tether myself to Dropbox and its price rises for the foreseeable future? Or jump ship before I’m in too deep? You might reasonably argue that I’ve had a good run on a free service, and I should be prepared to pay for something that’s so valuable to my business. But there’s something about being strong-armed into subscribing that leaves a bad taste. It’s nowhere near as malicious as the ransomware it guards against, but it’s not entirely dissimilar, either: it’s got my data, now it wants my money.

How Sophos looks to deep learning and the cloud for stronger security protection and delivery

Keeping your organisation secure in a device- and data-heavy world is tougher than ever. Utilising cloud and artificial intelligence (AI) technologies can lead to various issues – recent coverage has spoken of the problems of hackers ‘hijacking’ AI technology, for instance – but it can also make life easier for security teams.

To get to that harmonious state between human and machine however, a few questions need to be answered along the way. Who does what work? What vectors and bad actors do we need to look out for? Where do we go from here?

Security giant Sophos published a two-part blog last month which aimed to describe the process of fusing artificial intelligence and security and how the company was utilising it.

The company utilises deep learning in particular to recognise malware which nobody else has seen – not only analysing it by its code, but by how it behaves. Sophos analyses more than 2.8 million new malware samples each week, which shows the extent of the challenge and the resources spent combating it.

“When we combine our new data with the hundreds of millions of samples we’ve already collected, our deep learning system can essentially ‘memorise’ the entire observable threat landscape as it stands right now,” the company writes. “Our models help us analyse complex relationships between different features, and we can continually adjust them to target real malware with fewer false positives.”

Erik Farine, regional director for Benelux at Sophos, says that 450,000 new ransomwares or malwares are created per day, of which three quarters could be targeted specifically on one company. “Today we look at behaviour and not at signature anymore,” he tells CloudTech. “There’s no way in keeping track of that without having an AI system that helps us to track that and to make sure that we have a live update on behaviour.”

In May, Oracle published a report which argued this very point. To best protect information systems, across the data, device and application layer, automation and artificial intelligence-based software was needed to give the ‘defence-in-depth’ required to reduce risk, the report explained.

But where does the human side fit in? Plenty has been written across various industries on how AI will fit into organisational structures, with the prevailing consensus being that the human touch would still be needed. When it comes to security, particularly looking at the employee-facing side, the consensus is that the human is the weak link in the chain.

This was also emphasised in the Oracle report. Of the 775 corporate executives polled, the majority said human error was one of the biggest risks to information security. That said, for almost half (47%), the response would be to invest more in people than in technology.

The latter is an opinion with which Farine agrees. Get best practices right and you have got a lot of the job done. “If the AI has to do the work, we’re too late,” he explains. “Make sure that your root ports are closed and make sure that people understand phishing. Those two can rule out lots of intrusions if we manage to do that.”

Another element where Sophos has been looking to utilise deep learning is through its Intercept X offering, focused around endpoint protection. The company announced in May it was adding endpoint detection and response (EDR) to Intercept X for Server. The driving force was a nod to cybercriminals’ evolving habits, frequently blending automation and human hacking skills to carry out attacks on servers.

What’s more, the company is increasingly looking to the cloud, with its Sophos Central unified cloud console, where all security products reside, being claimed as the only vendor doing it today. This is a natural progression, Farine argues; security vendors need to move to ‘as a service’ rather than legacy licensing models.

“If you look at the future, seeing that the market has ramped up in terms of finding people, and finding the know-how, more and more we see that the evolution is towards the cloud, which we are in today,” says Farine. “The next step is it becomes a service. If I look at my region, if you look at the MSP market, that is actually 7% of our business today, and it’s doubling every year.

“It’s evolving very quickly, and from there the step is very small to bring it as a service.”

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

UK businesses say the cloud is falling short of expectations


Daniel Todd

9 Jul, 2019

The benefits of the cloud are still not living up to UK firms’ expectations, according to research.

Less than half (44%) of companies surveyed say the flexibility of the cloud has matched their expectations, followed by improved security (43%) and efficiencies (31%), the research – which was carried out by Research Without Barriers (RWB) – found. 

Just 19% of businesses believe cloud mobility is delivering on expectations, while a further 19% say the cloud has given them a greater user experience. Additionally, a strikingly-low 13% also say it supports business innovation.

“The cloud is fast becoming the preferred choice for positive digital disruption, but it seems it’s not giving businesses what they want on a number of levels,” said Jon Wrennall, CTO at digital software and services provider Advanced, which commissioned the research. The study forms part of the firm’s 2019 Digital Business Report, which surveyed more than 500 senior decision makers spanning small, medium and large businesses throughout the UK. 

“This is a concern simply because the cloud can – and should – deliver these benefits and more.”

At a time when cloud spending continues to be on the rise, according to Gartner, the survey also found that only 50% of respondents believe the cloud should be “inherent in all business software their organisation uses.”

“It begs the question: are organisations being distracted by hyped-up cloud tools over prioritising software that is relevant to their own unique needs? And are they not being given the right third-party support to realise the cloud’s value?” Wrennall added. 

“The right strategy and guidance will help organisations get the maximum benefits from the cloud as well as dictate what business functions they should migrate to the cloud because, in certain cases, some functions are actually best kept on-premise.”

Large businesses are also utilising a range of tools to improve efficiencies spanning CRM and ERP. 

Some 63% said their organisation should be using multiple software solutions to run their operations – as opposed to a single, unified platform – citing the unique requirements of different departments (63%), increased flexibility this offers (53%) and the lower risk of failure (38%).

Less than half (47%) of smaller businesses said its various department needs can be met by a single solution.

However, Wrennell added that multiple software solutions – whether cloud-based or on-premise – must be integrated to “truly improve business performance and productivity.”

Survey respondents agree with the sentiment, too, with 70% reporting that a lack of integration between business software is holding them back from achieving successful digital transformation.

How CRM remains the fastest growing enterprise software market – and how Salesforce still dominates

  • Salesforce dominated the worldwide CRM market with a 19.5% market share in 2018, over double its nearest rival, SAP, at 8.3% share
  • Worldwide spending on customer experience and relationship management (CRM) software grew 15.6% to reach $48.2B in 2018
  • 72.9% of CRM spending was on software as a service (SaaS) in 2018, which is expected to grow to 75% of total CRM software spending in 2019
  • Worldwide enterprise application software revenue totalled more than $193.6B in 2018, a 12.5% increase from 2017 revenue of $172.1B. CRM made up nearly 25% of the entire enterprise software revenue market

CRM remains the largest and fastest growing enterprise software category today according to the latest market sizing, and market share research Gartner published this weekGartner defines CRM as providing the functionality to companies across the four segments of customer service and support, digital commerce, marketing, and sales.

All four subsegments of the CRM market grew by more than 13.7%, with marketing emerging as the fastest growing segment, increasing by 18.8% and representing more than 25% of the entire CRM market. Customer service and support retain its No. 1 position, contributing 35.7% of CRM market revenue, attaining $17.1B in revenues in 2018.

Key insights include the following:

With 19.5% market share, Salesforce has over 2X the CRM sales SAP has and over 3X of Oracle

Salesforce continues to dominate CRM globally, increasing its market share from 18.3% in 2017 to 19.5% in 2018. Adobe is the only other vendor to grow its market share in 2018. Microsoft and SAP successfully held onto to market share while Oracle lost share.

Adobe and Salesforce grew faster than the overall market, increasing CRM revenues 21.7% and 23.2% respectively

Adobe’s CRM sales jumped from $2B in 2017 to $2.4B in 2018. Salesforce CRM revenues increased from $7.6B in 2017 to $9.4B in 2018, growing the fastest of all competitors in this market. SAP grew 15.5% between 2017 and 2018, just below the overall market growth of 15.6%. Microsoft (15%) and Oracle (7.1%) grew slower than the market. The following graphic compares growth rates between 2017 and 2018.

Adobe dominates the marketing subsegment of CRM with 19% market share in 2018

Salesforce has 11.7% of the marketing subsegment, followed by IBM (5.7%), SAP (4%), Oracle (3.6%) and HubSpot (3.4%). Gartner estimates the marketing subsegment was a $12.2B market in 2018, increasing from $10.3B in 2017, achieving 18.8% growth in just a year.

Eastern and Western Europe were the fastest growing regions at 19.7% and 17.5% respectively

North America and Western Europe were the largest two regions with North America growing at 15.2% to reach $28.1B in revenue.

Sources:

Gartner Says Worldwide Customer Experience and Relationship Management Software Market Grew 15.6% in 2018

Market Share: Customer Experience and Relationship Management, Worldwide, 2018 (client access required)

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.