By Sher Miller
Cloud Marketing Manager
The Security Services Market Opportunity
For many businesses, large and small, the risk to their organization’s integrity, reputation, compliance and operations are dependent on maintaining the highest degree of security across their increasingly mobile workforce, highly distributed hybrid data center, and their SaaS vendor community.
But there are high costs involved in driving the adoption of SaaS security services, including:
- Monitoring and maintaining security systems effectively
- Managing the sprawl of enterprise security devices
- Attracting, hiring and retaining security professionals
- Staying on top of the rapidly changing threat landscape
IDC predicts worldwide revenues for security-related hardware, software and services will reach $81.7B in 2017 and continue to increase to an estimated $105B in 2020. Services will be the largest areas of security-related spend, comprising three of the five largest technology categories: managed security services, integration services and consulting services.
Companies are expected to spend nearly $31.2B on these three categories in 2017. That accounts for more than 38% of the worldwide total spend. Network security, combined hardware and software, will be the largest category at $15.2B, while endpoint security will be the third largest category at $10.2B. Diving a little deeper into the details, forecasts show the fastest growth segments include: device vulnerability assessment software, software vulnerability assessment, managed security services, user behavior analytics and UTM hardware.
Security as a Service: A Definition
Security as a service is a business model in which the service provider integrates their cloud-based security services into a corporate infrastructure on a subscription-based model. Leveraging economies of scale because they service multiple tenants, the service provider can also provide the security service more cost-effectively than the corporation or small business would be able to do it themselves. However, the security is limited to intellectual or informational property. This results in no financial outlay for on-premises hardware. Designed for shared application tenancy, security offerings are delivered in a model that eliminates data commingling among customers to address data governance issues and other security concerns.
Managed Security Services are usually offered in conjunction with security as a service to provide a holistic security solution. MSS allow for the outsourcing of some of the more highly technical skills and resources like 24×7 monitoring and management operations, thus saving the customer some of the cost of these resources, as they’ll share them with the other customers. These capabilities can complement the needs of the business customer.
The benefits of this shared security services model include:
- Quick scaling of the service, either up or down, to match the needs of the business
- Consumed as a utility with no capital investment to utilize the service
- Fast and transparent software upgrades and patches
- Cost-effective, highly scaled shared use of skilled resources and expensive capital investments
Classifying the Security Solutions
A wide range of SaaS offerings are available for solution providers to meet the individual requirements of their customers. The security as a service working group of the Cloud Security Alliance breaks those categories down as follows:
- Identity and access management (IAM): These solutions support the validation, provisioning and management of user accounts across many different platforms, as well as those supporting the authentication and access rights of users during sessions.
- Data Loss Prevention: This is the monitoring, protecting and verification of the security of data in all phases of use in all locations whether in the cloud or on premises.
- Security Assessment: This is typically a third-party audit of security provisions on client/server devices ranging from mobile devices to servers. These cloud-based solutions typically measure against industry standards.
- Intrusion Management: Algorithms are developed that use pattern recognition to identify statistically significant events. This may result in reconfiguring the current system to address the possible intrusion.
- Security Information and Event Management: These systems aggregate log and event information and then correlate the information into real-time reports. These reports will inform the necessity of intervention, or not.
- Encryption: This is the encoding of data in such a way as only the recipient holding the correct key can decode the information. Usually the algorithms that create the encoding are difficult or near impossible to break.
- Business Continuity and Disaster Recovery: These solutions are designed to ensure business operations continue virtually uninterrupted during the occurrence of a significant event, whether natural or man-made.
- Web, Email and Network security: These three markets provide resources that sit at key places on the network, often at ingress or egress points, to monitor activity and enforce policy on objects associated with network packets, email or Web sessions, respectively. The distinction of these markets is generally the buyer alignment in the enterprise — they are bought by different groups.
There are three principal delivery models for cloud-based security as a service. The choice is dictated by the role and constraints of the specific offering. In general, they fall into three reference architectures that may be mixed and matched based on the suppliers’ solution, types of assets being protected and the demands of the end-customer.
- Gateways: Generally these solutions are applied to web and network solutions. The principal security function is applied at the gateway as traffic passes through it.
- Hub-and-Spoke, Inline: These solutions operate in a hybrid of a cloud-based and (often) on-premises based asset. These are found in endpoint security offerings.
- Hub-and-Spoke, Management: These are instituted in many vulnerability management and end-user provisioning solutions. Functionality does not operate in the session and is run by administrators. These security services generally use connectors and frequently on-premises network elements to augment the solution.
In the ongoing battle against constantly evolving cyber threats, IT and security management face another threat: lack of skills and resources. Every security product will claim to secure a network, and yet none can guarantee ongoing protection due to the speed at which the landscape is changing. Failure to comply with regulations to protect personal and financial information and personal data will certainly erode public trust and may lead to fines. Building a robust security practice in-house is increasingly expensive at the same time CIOs are facing increased scrutiny and lower budgets.
Service providers and solution providers that re-sell security as a service solutions are perfectly positioned to take advantage of this confluence of events. Security as a service can lessen the burden on under-resourced, under-prepared security/IT teams at organizations both big and small. As assets continue to migrate to the cloud, security as a service offers a logical way to secure them. Security as a service also provides a more efficient way to provide protection and compliance to on-premises, hybrid and pure cloud models.
To find out more on security as a service offerings and the Arrow cloud offerings, platforms and enablement programs, contact Arrow at ECSCloudServices@arrow.com or call 877.558.6677.