IT security has never been more important, with levels of cybercrime continuing to climb and the adoption of cloud, mobile and IoT technologies increasing organizations’ ‘attack surface area’.  With organizations gathering more data than ever via digitization and big data, and attackers finding ever more sophisticated ways of targeting them, both the depth and breadth of attacks are increasing. Plus, the use of open source software has given attackers further opportunities to find and exploit vulnerabilities.

A typical large organization receives millions of security messages per year that require filtering from system logs to identify genuine security threats. One case example that demonstrates the effectiveness of security event filters is the work done by Atos for the 2012 London Olympics. Atos monitored 255 million syslogs, from which 4.5m significant events were identified, of which 5k were passed into the security operations center (SOC). Atos was able to reduce the number of security incidents to a manageable amount and prevent any security incidents impacting live competition.

NelsonHall’s latest IT Services report, Managed Security Services, examines the state of the global Managed Security Services (MSS) market, which we forecast to grow from $6.8bn in 2014 to $14.6bn by 2019 (16.5% CAAGR).

The report reveals that the largest challenge for organizations in securing their operations is the rising cost of cybersecurity. Other key challenges include access to cybersecurity skills, the ability to respond quickly to threats, and the ability to gain a holistic view of cybersecurity (i.e. across the entire attack surface area).

The war for cybersecurity talent is particularly fierce, with organizations finding it difficult to staff their own SOCs. An example is specialty pharmaceutical company ProStraken, whose team of six cybersecurity FTEs had difficulty in maintaining its security profile against ever increasing legislation, and who outsourced its IT infrastructure security management and vulnerability management to Dell.

The advantages of choosing an experienced security partner include:

• Increased speed of response
• Assistance in building proactive incident response plans
• Adding complementary services such as legal support/cyber insurance.

Currently, the top three MSS vendors by market share in the major regions are:

• Global – HP, Dell, IBM
• N. America – SAIC, AT&T, HP
• EMEA – Atos, HP, BT Global Services.

Critical success factors for MSS vendors include:

• A strong understanding of the entire IT security landscape, typically through a high level of security research
• An understanding of IT security in the context of the organization's security needs and specific industry sector
• Access to expertise for best of breed tools that the client organization lacks, and a willingness to work with existing security tools while offering best of breed tools.

The report Managed Security Services examines the changing shape of the MSS market, reveals customer requirements, market size & growth and vendor market shares by geography, and an analysis of critical success factors in this burgeoning market. To find out more, contact Guy Saunders.