Next-Gen Security (using Cloud)
1 like881 views
The document outlines the increasing threats in cybersecurity and the opportunities for cloud-based security services. It emphasizes the financial benefits and efficiency of real-time security as a service, especially for small to medium-sized businesses. Key points include a significant rise in malware, web attacks, and the importance of a managed service model for effective intrusion detection and prevention.
Next-Gen Security (using Cloud)
- 1. Security As A Service By Jim Kaskade March, 2011 Confidential Cheyenne Mountain Operations Center
- 2. Next Generation Managed, Real-Time Cloud Security As A Service
- 4. 2010 (per Symantec) 286M Malware Threats 93% Increase in Web Attacks 42% more mobile vulnerabilities 1M+ botnets
- 5. 2010 (per IBM) 13B events / day 49% of vulnerabilities from web apps 44% without a patch by year-end APTs now targeted, sophisticated & complex
- 9. Market Opportunity $17.0 $16.5 Annual Revenue $16.0 $14.8 $15.0 ($B) 11.3% 2009 CAGR $14.0 2010 $13.0 Gartner, 2010 WW Security SW Revenue (TAM) $3.0 $2.5 Annual Revenue $2.0 $1.6 16.5% ($B) CAGR 2011 $1.0 $9.5B 2014 HW+SW $0.0 IDC, 2010 WW IDPS SW Revenue (SAM)
- 10. Market Opportunity Managed Service Model $20.0 $17.0 Annual Revenue $15.0 23% $10.0 ($B) $6.0 CAGR 2010 $5.0 2015 $0.0 SaaS, CPE, Cloud MSSP Revenue
- 11. How Do Small-Medium Sized Businesses Deploy Cost-Effective Intrusion Detection & Prevention?
- 12. Real-Time Security As A Service Cloud Discovery Real-Time Reporting Administration Data Warehouse . . . . Data Real-Time . . Collector Database Predictive (WebSpy) (uCirrus) Analytics Engine (BotHunter) Raw Data Knowledge Store Store Internet Intranet Users Users
- 13. Leveraging The Community Company A Company C D C Original B Community Event A Knowledge Data Repository Company B Company D
- 14. Use-case BU Internet Enterprise Telecom Security As A Service Sensor Data Cloud Real-time Reporting Real-time Status/Control
- 15. Value Proposition Signature-less Real-time Network Detection / Protection Real-time Collection & Analysis of Information From Hosts, Security Devices, and Network Devices Real-time Reporting of Data & Discovery of Information No customization required Simple Cloud-based Deployment Cloud Economics
- 16. Pricing / TCO Differentiators 250-User Network (Annual Costs) $140,000 Subscription $120,000 $0 Security Staff Annual Security Costs ($) $100,000 Hardware/ Software $80,000 $80,000 $60,000 $40,000 $75,000 $25/User/Mth $20,000 $40,000 $0 $0 Traditional On-Prem Security Managed Secruity As A Service
- 17. Competitive Landscape Top Security Providers by Revenue: IDC, 2011 Legacy HW Appliance Model
- 18. Competitive Landscape SIEM IDPS
- 19. Cloud-based Landscape Sumo Logic MetaFlows Alert Logic IPTrust Symantec.cloud Sourcefire Immunet/Razorback Zscaler Webroot
- 20. Why Cloud? Light client applications – don’t have to burden having users constantly update end devices with heavy apps. End device performance does not become a concern – offload security software to cloud Uniform policy across the entire organization – single source for all security services = all devices must abide by a controlled set of consistent policies Centralized reporting platform for IT & Execs – a single view of the entire enterprise’s security state, which in many cases is half the battle. Zero latency in deployment – by having a global distribution network via cloud services, all organizations are covered quickly
- 21. Thank You!
- 22. Security Is Impacting Cloud Adoption IDC, 2010
Editor's Notes
- #2: Use Cheyenne Mountain to compare the “old vs. the new” in security technology & deployment.Cheyenne Mountain is a mountain located just outside the southwest side of Colorado Springs, Colorado, U.S., and is home to the Cheyenne Mountain Air Force Station[1] and its Cheyenne Mountain Directorate, formerlyknown as the Cheyenne Mountain Operations Center (CMOC).Throughout the Cold War and continuing to this day, the Cheyenne Mountain Operations Center and the Cheyenne Mountain Directorate collect data from a worldwide system of satellites, radar, and other sensors and process that information in real time. Operations are conducted year-round in the Air Warning Center, Missile Correlation Center, Operational Intelligence Watch, Systems Center, Weather Center, and the Command Center.The design of this facility makes it one of the most unusual installations in the world. Apart from the fact that it is housed 2,000 feet (600 m) into the mountain, it is also notable in that it is a joint and binational military organization comprising over 200 men and women from the Army, Navy, Marine Corps, Air Force, Coast Guard, and Canadian Forces.
- #5: http://www.symantec.com/business/threatreport/topic.jsp?id=threatreport&aid=executive_summary
- #6: http://venturebeat.com/2011/03/31/ibm-says-it-sees-13-billion-cybersecurity-alerts-every-day/IBM says it monitors 13 billion real-time security events every day for more than 4,000 clients. That’s about 150,000 events per second, which include anything from phishing attacks to false alarms.IBM found that there were 8,000 new web vulnerabilities discovered during 2010, up 27 percent from 2009. The adoption of smartphones within the enterprise posed added risks, raising the need for tighter security on password management and data encryption. Attacks against mobile phones are on the rise.“The numerous, high-profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals who may be well-funded and operating with knowledge of security vulnerabilities that no one else has,” said Tom Cross, threat intelligence manager at IBM X-Force
- #7: http://www.cfr.org/technology-and-foreign-policy/confronting-cyber-threat/p15577
- #8: http://www.pcworld.com/article/170546/is_your_pc_botinfested_heres_how_to_tell.html
- #10: http://www.gartner.com/it/page.jsp?id=1422314http://www.networkworld.com/news/2011/010411-network-security.htmlThere's some early optimism about the information technology industry as the world steps into 2011. For one thing, the global network security market is expected to be on the rise, according to estimates from IDC, which forecasts a return to the growth of pre-recession levels this year.The global network security market, described as hardware and software with functionality that includes firewalls, VPNs, intrusion prevention and detection, and multi-purpose security known as unified threat management, is expected to show revenues of $8.16 billion in 2011. That's 8.1% more than 2010 revenues, which are reckoned at about $7.54 billion, according to November forecasts by IDC. While final numbers related to 2010 are still being compiled, 2010 is regarded as a year of revenue stabilization for the network security industry after the painful year of 2009, which saw revenues drop almost 1% from the year before to about $7.16 billion.Also read: Network World's 2011 Outlook packageIDC's network security market forecast anticipates that software will grow at a faster rate than hardware and that software-based solutions "will make up over 26% of the market by 2014," when the market is predicted to reach about $9.5 billion. Still, hardware-based appliances are expected to see the lion's share of revenues at $6.58 billion in 2011, growing to an expected $7 billion in 2014.
- #11: http://www.crn.in/ITChannel-006Apr011-Cloud-SaaS-Security-Creating-Big-Boom-For-MSPs.aspxhttp://it.tmcnet.com/news/2011/04/05/5425432.htmAccording to Infonetics, revenue for managed security services jumped 12 percent in 2010 and that number is expected to grow by several times over the next five years, with the managed security services market expected to hit $17 billion by 2015 on the backs of cloud and SaaS."2010 was a good year for managed security services, which, for the most part, met our expectations for buyer uptake and provider innovations. Revenue grew 12 percent in 2010 and will grow 62 percent over the next five years, driven by cloud-based services and SaaS," Jeff Wilson, analyst for security at Infonetics said in an analyst note. "Our 2010 forecast was 4 percent high, but there was no decrease in fundamental demand for managed security, just a sluggish global economy."According to the report, SaaS and cloud-based security services are expected to make up close to half of the overall managed security services market come 2015. That comes at a time when worldwide SaaS revenue is expected to dramatically increase over the next few years with a compound annual growth rate of 23 percent between last year and 2015.All told, Infonetics Research expects the overall managed security services market, which combines CPE, SaaS and cloud services, to inch close to $17 billion by 2015.And for managed service providers, managed security services offer a location independent offering, Infonetics Research found. According to the research, managed security services have already taken hold in North America and EMEA and massive growth is expected in Asia Pacific and Central and Latin America in coming years.In a second report, Infonetics found that security spending in virtualized environments is on the rise. According to the firm, companies expect to spend an average of 51 percent more on security for virtualized environments in 2012 than they did in 2010.Infonetics found that companies are turning to security for virtualized environments to prevent threats specific to virtual environments, prevent inter-virtual machine threats and to maintain secure server configurations.And as the market grows, the vendor landscape for security for virtualized environment is continuing to shake out."While the market leader in the data center/cloud security space is at this point undecided, at the center of the leadership puzzle is the emerging segment of security solutions for virtualized environments," Wilson wrote in an analyst note. "Microsoft (NSDQ:MSFT), Cisco (NSDQ:CSCO), and VMware lead in brand awareness and strength overall now, but this is only one -- admittedly early -- piece of the virtualization/data center security leadership puzzle. It's possible that when it comes down to who will actually be able to best monetize security solutions for virtualized environments, players with much lower brand presence will do better than some of the players with stronger overall brands, if they deliver a better product."
- #13: Key Requirements:1.Time to install 2.Time to configure for your environment 3.Out of the box protection - how many vulnerabilities are covered (including evasions)? 4.Ease of use 5.Integration with other network & security devices 6.Management, deployment, and frequency of coverage protection updates 7.Security policy definition and management 8.Security coverage protection with and without evasions while in midst of your network traffic 9.Resistance to false positives while in midst of your network traffic 10.High Availability 11. Reporting 12.Logging (is there enough for forensics?) 13.Level and cost of vendor technical support 14.Availability and cost of vendor product training
- #17: $75,000/yr (typical managed service cost for 250 users) = $25 / User / Mthx 12 x 250Would require a package of offerings….example service suite (some NewCo, some partnership): network boundary protection, including managed services for firewalls, intrusion detection systems (IDSs), and virtual private networks (VPNs) security monitoring (may be included in network boundary protection) incident management, including emergency response and forensic analysis. (This service may be in addition to security monitoring.) vulnerability assessment and penetration testing anti-virus and content filtering services information security risk assessments data archiving and restoration on-site consulting
- #18: Top Network Security:CISCOCheckPointJuniperFortinetSonicwall