Managed Security Market Assessment

Security plays a factor in protecting corporate information. With companies increasingly reliant on interconnected machines that span communication networks across geographies, risks increase for data to be vulnerable to espionage, corporate spies, and hackers. This market assessment on managed security examines managed outsourced services and technologies, such as intrusion detection services, authentication services, hosted application security, and other managed security offerings. These can be offered by a variety of companies, ranging from small niche players to national and global providers. Focus is on managed security offerings as a service, not as custom-managed products that cannot be replicated for other firms. Managed security services reduce the cost and labor of security for enterprises and networks and improve the efficacy of network security.

While network security has been a primary concern of the telecom market since the first circuit-switched networks began to take shape, with the IP evolution, managed security has developed significant traction. In particular, online strategies have expanded beyond the capabilities and capacities of the in-house IT staffs. In addition, the growing number of small and medium-sized enterprises (SMEs) tackling online strategies is providing a rapidly growing market for managed security providers.

Market Review:

• Partnerships Plus: Managed security firms are stepping up efforts with partnerships as another avenue for gaining clients. Norvergence and Fortinet in May announced a strategic partnership via which Norvergence will enhance its T1 Fortress security offering, integrating Fortinet’s FortiGate Antivirus Firewalls to protect against network and content-based threats. RedSiren in June expanded its channel partner program for deeper penetration among vertical markets and select geographic areas. In March, TruSecure also looked to integrate solutions deeper into the market with the help of its TruPartner Channel Program. MCI and VeriSign joined forces to deliver security solutions, including custom offerings and new authentication services. One of the solutions will be co- branded as Managed PKI.
• Denial of Service (DoS) Solutions Gain Proactive Stance: Multiple service providers have offered solutions for clients looking to mitigate DoS attacks. Many have reactive SLAs which require a customer to notify the service provider that an attack is in progress. AT&T, though, in June introduced a proactive service addition to its Internet Protect service to counter DoS and Distributed Denial of Service (DDoS) attacks. This real time solution has its SLA mandate to notify the client instead, and AT&T ups the market ante with this capability. MCI announced a suite of new managed security solutions and enhancements to its security portfolio in April to help businesses protect their information assets using a variety of security measures for the network to the desktop. While the move got MCI into the DoS game, it lacked the proactive solution that AT&T offered. Time Warner Telecom also introduced in June a managed security service that supports both CPE- based and network-based solutions, and its network solution also is touted for its counter DOS capability.
• More Forensics Options: As managed security companies look for new areas to expand, forensics is popping up more as a post event option for meeting regulatory compliance and gaining facts for prosecution. In June, VeriSign began working with Guidance Software to provide a security forensics service for its customers that can be operated remotely by VeriSign experts. The EnCase software from Guidance collects event data from various places on compromised computers to build a picture of what happened. This can help companies comply with regulations such as Sarbanes-Oxley and SB 1386.
• SMEs Gain: Options for small to midsized enterprises have increased in the managed security space as service providers tailor solutions that suit this market. Counterpane debuted in May its Counterpane Enterprise Protection Suite for small and mid-sized enterprises (SMEs), bringing its MSS solution to the SME marketspace. McAfee and Checkpoint have also joined forces to offer managed security for the small business market, delivering a firewall and anti-virus managed solution.
• Security Awareness: Ensuring that employees understand the significance of security across an organization continues to be one of the better deterrents against social engineering efforts by hackers. RedSiren in March expanded its InfoSec course offerings to include a security awareness program that clients can tap for all employees.
• Info Flow: Customers have recognized that they are interested in not just outsourced security, but also an information flow that can help their security understanding and awareness. In March, Symantec updated its Symantec Managed Security Services Secure Internet Interface, which provides clients with better visibility into their security posture and deeper perspective on how to mitigate risks in the global threat landscape. The Secure Internet Interface includes new work infection reports, at-a-glance summary pages, information on critical emerging threats, and vulnerabilities and recommendations on Symantec Managed Security Services’ response activity around global emerging threats.

Near-Term Market Drivers:

• Bigger is Better?: Major players are looking to gain size with added services and clients. Some are using acquisitions to gain scale quickly. This will also mean that players will see new expectations from clients as competition continues to percolate. Other players are also looking to gain better market reach, customer bases, and opportunity to reach users.
• Resource Constraints: End users are facing tight budgets, which in turn is pushing some companies toward outsourced security solutions that can deliver the necessary data protection without the heavy cost of doing it themselves. This may also drive the integrated security application, as vendors and service providers look to bundle more into their solution.
• Training to Understand: Clients continue to require better understanding of the dangers of lax security. Providers can deliver this with training, information resources, and support. Clients have an innate sense that in this new world, security is critical, but sales reps and others must be able to communicate to a client what is important in a security risk assessment. Those that can do this well will be able to grab market share.
• Vulnerability Assessments: One of the biggest near- term drivers for end-users is understanding what the security risks are. Clients are looking for vulnerability assessments and need consulting and ongoing assessments to evaluate their environments. In some cases, this is becoming necessary to fulfill legislative requirements.
• Legal Issues: Government legislation, such as the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act, are driving the health care and financial sectors to protect crucial data. In order to meet government standards, users often turn to outside companies for this security. The California Database Security Act is also fueling challenges for companies doing business in that state, which often means stepping up security efforts nationally as a result. Furthermore, corporate liabilities and penalties are boosters to get executive attention and action.
• Proactive To Preventative: From proactive SLAs that leave the onus on the service provider to understanding what is happening to a user in real time and comparing that against other users, the industry is shifting from reactive.

Long-Term Market Drivers:

• Complexity and Cost: As Web business models become increasingly complex, the security solutions grow more tangled for users. Businesses building online strategies from scratch can be overwhelmed by the initial investment of security solutions, while those trying to adapt existing solutions to evolving security concerns are besieged by maintenance costs. Like the classic Gordian knot, managed security providers can cut through the complexity to make things easy for clients.
• Device and Security Integration: While security used to be thought of as an “add-on” or an extraneous component of infrastructure, equipment makers are paying much closer attention to imbedded security functionality in devices and are actively attempting to integrate security as a value-added service. Furthermore, vendors are looking to unite service providers with standards programs that simplify client understanding and reduce the complexity of product buying.
• Knowledge Database Resources: One of the key resources for security analysts and those actively monitoring security is a knowledge database of attack patterns and other descriptions of the enemy. It saves reinventing the wheel and provides a faster response to known threats. Service providers can provide significant value from the spectrum of clients they support, gaining synergy from the shared information tracked in these databases.
• Lack of Trust: End-users whether they are corporate users putting a business plan on a server or a consumer buying a CD have ingrained habits that they are not necessarily willing to give up. For example, no matter how good an online bank’s security system is, a consumer will have to be convinced that its services are not only as good as a brick and mortar bank’s services, but better.
• Social Engineering: Clients still face the security risk that employees represent just through the human desire to be helpful, and hackers exploit this through “social engineering.” A component of managed security will need elements of employee training to build awareness of outside threats.