Fragmentation of the information security services market is preventing many enterprise and public organisations from deploying essential security policies, industry experts have warned.

In its latest report, The Shifting Landscape: US Information Security Services, 2002, analyst firm IDC said that the global IT security services market will be worth $23bn (£15bn) annually by 2006, but is categorised by immaturity which leaves it fragmented and highly dynamic.

"For those organisations that have been early adopters and invested in security policies, procedures, and technologies, the benefits and value-add provided by service providers are coming to fruition.

Information security service include consulting, implementation, management, response and education.

The firm's research reveals that over the course of the past year, information security services vendors have focused their efforts on broadening service portfolios, expanding the knowledge and expertise of their security professionals, and targeting key verticals.

Allan Carey, programme manager of Information Security Services at IDC and the author of the report, said: "The market environment for information security services continues to be highly competitive as providers fight for mindshare and budget dollars.

"Educating existing and potential customers and having subject matter expertise in targeted vertical markets are two elements we believe to be crucial for vendors seeking to gain competitive advantage or merely build upon their existing business strategy in the information security services market."