NEAT EVALUATION FOR UNISYS:
Managed Security Services
Market Segment: Overall

This document presents Unisys with the NelsonHall NEAT vendor evaluation for Managed Security Services (MSS) for the Overall market segment. It contains the NEAT graph of vendor performance, a summary vendor analysis of Unisys in MSS, and the latest market analysis summary for MSS. An explanation of the NEAT methodology is included at the end of the document.

The vendors evaluated are: Cognizant, CGI, CSC, CSS Corp, Dell SecureWorks, Dimension Data, HP, Mindtree, Symantec, Tata Consultancy Services (TCS), Unisys, and Wipro.

Introduction

NelsonHall has assessed and evaluated Unisys' proposition against demand for Managed Security Services (MSS), and has identified Unisys as a Leader in the Overall market segment, demonstrating its ability both to deliver immediate benefit to clients and meet future client requirements in MSS. The Overall NEAT graph for MSS is shown on page 2.

NelsonHall 2015 1 November 2015
NEAT Evaluation: Managed Security Services (MSS)

Buy-side organizations can access the MSS NEAT tool here.
Vendor Analysis Summary for Unisys

Overview

In 2009, Unisys relaunched its entire portfolio around a number of key capabilities; cyber and physical security was one of four key pillars of the revamped portfolio.

Unisys operates its security operations from its eight security operations centers (SOCs), primarily via a follow the sun methodology and with onsite operations. Unisys uses HP ArcSight in conjunction with its Unisys Noise Cancellation Advanced Analytics Platform (UNCAAP) for security information and event management.

In November 2008, Unisys launched its Stealth solution (initially developed for the U.S. defense sector with partner Security First) for government and commercial organizations. Stealth encrypts data across networks using bit splitting. Since its introduction, Unisys has expanded the Stealth offering to include Stealth for mobile, the virtual terminal and AWS as well as introducing a reseller channel.

Financials

Unisys' global revenues in 2014 were $3,356m, of which:
- $2,786m was from services, and IT infrastructure outsourcing accounted for $1,705m
- $571m was from technology.

Q1-Q3 2015 service revenues were $1,957m, down 6.7% y/y, with IT infrastructure outsourcing revenues up 1% to $1,147m. Full year 2015 services revenues are likely to be in the region of $2.7bn, with IT infrastructure outsourcing revenues around $1.65bn.

NelsonHall estimates that 2015 managed security services will be ~13% of the IM business, or ~$175m. Of this, NelsonHall estimates that Unisys' managed security services revenue split, by activity, will be:
- Security information and event management: 35% (~$61m)
- Security monitoring and management: 30% (~$53m)
- Threat and risk intelligence: 20% (~$35m)
- Content filtering: 5% (~$9m)
- Security as a service (a SaaS offering): 10% (~$18m).
Strengths

- The Unisys Noise Cancellation Advanced Analytics Platform (UNCAAP) correlates events, reduces the number of events that need to be processed and increases true positive rate. Combined with its strong presence in Bangalore, operational costs are reduced
- Unisys is also in a position to provide a client's infrastructure and security services. This should benefit the client and enable Unisys to enact threat resolutions more quickly and with more knowledge of the infrastructure
- Unisys' Stealth solutions offer a different type of cyber security; rather than protecting against threats across a client's network, important data is safeguarded by making it effectively undetectable. Besides the benefit to the client that Stealth brings, with its increased security, it also requires the client to assess the sensitivity of each of its end points, a useful practice when considering cyber security
- Value added services like the SIR report give clients a more in depth view of the vulnerabilities and malware that they could be affected by, in relation to their own infrastructure, software, and policies.

Challenges

- Due to the large amount of automation with event management processes using ArcSight and UNCAAP, a number of events marked as low level occasionally slip through analysis; this can sometimes lead to a delay in detecting events
- Unisys is reliant on a number of large contracts, for example the contract with the large banking group (see Target Markets section)
- The expansion of its reseller program for its IP adds competition for its Stealth offerings.

Strategic Direction

In addition to continuing to develop its existing security clients, Unisys is looking to cross-sell its security services to systems integration and infrastructure services clients. It is also looking to increase take up of its security-as-a-service offerings, including SIEM and DLP services, both by existing clients and also by new logos.
There has been a recent push for security services leveraging Stealth around mobile, including its 'get to zero' initiative, which aims to reduce to zero the number of cyber security incidents affecting a client.

Unisys sees the Stealth solution as the most current cybersecurity solution in its portfolio, and will be looking to expand research and development from more standard cybersecurity solutions.

Unisys will also be looking to continue to develop partnerships and expand the security ecosystem around the Stealth offerings, such as the partnership with Capgemini to act as a reseller, and expanding the scope for the Stealth for Mobile or for AWS.
Outlook

Unisys positions itself as a full service IT service vendor, with its managed security services being cross-sold to its data center and SI clients. One of Unisys' core areas is cyber and physical security across its portfolio; the company's ClearPath systems boast a low number of vulnerabilities.

Unisys is likely to continue growing its managed security services as a proportion of its overall Services revenues. NelsonHall expects revenues from the Unisys managed security services to reach ~$300m by 2018, a CAGR of over 16%, in line with global market growth for managed security services.

In 2016, expect:
- Further investment in expanding the Unisys Stealth offering, and for adoption of recently enhanced areas to increase, for example in Stealth for mobile/IoT and AWS.
- Unisys' managed Stealth offering to grow as clients move from a traditional managed security offering, and despite competition within its own reseller channel.
MSS: Market Summary

Buy-Side Dynamics

Key challenges for organizations looking to outsource managed security services include:
- Increasing cost of cybersecurity, while demonstrating ROI
- Access to cybersecurity skills and up to date information
- Ability to respond quickly to threats
- Ability to gain a holistic view of cybersecurity
- Strengthening social engineering around security
- Uneven workloads.

Market Size & Growth

The global managed security service market is currently estimated by NelsonHall at $6.8bn, and is expected to grow at 16.5% CAAGR through to 2019.

North America is the largest region in managed security services, with an estimated ~43% of market share, and is expected to account for $6.3bn in 2019.

EMEA is estimated to have ~38% of the market and is expected to grow at 16.9% CAAGR to 2019, led by the U.K. with 17.6%. A portion of the growth will be attributable to the introduction and enforcement of the EU General Data Protection Regulation.

The Asia Pacific managed security services market is estimated to be worth $1.1bn, and will have growth driven by IP DLP in defense against corporate espionage. In Latin America, growth will be driven by defense against organized crime, particularly in Brazil.
Success Factors

Critical success factors for vendors within the managed security services market are:
- A strong understanding of the entire IT security landscape, typically through a high level of security research
- An understanding of IT security in the context of the organization's security needs and industry
- Access to expertise for best of breed tools that the client organization lacks, and willingness to work with existing security tools while offering best of breed tools
- Well defined responsibility for the contract with service expectations, escalation procedures and incident response plans clearly established at the start of contracts
- Through research into emerging technologies, the ability to provide security in support of emerging types of IT (cloud, mobile, IoT)
- The ability to not only take over existing security processes but to maximize the coverage of security
- Increasing the detection rate of cyber threats while increasing the reliability and speed of detection and response to threats, by reducing the number of false positives and negatives found
- 24/7/365 full service availability.

Outlook

Over the next few years:
- MSSP R&D spend on automation will increase to handle an increased number of events from IoT and BYOD
- To speed up incident resolution, vendors will move to automatic remediation for low level events, transferring people to event research
- As the speed of resolution of events becomes more critical, more contracts will include incident management
- More contracts will involve incident response planning and ancillary services including legal services and cyber insurance
- As collaborative threat databases become the norm, vendors will shift man hours from penetration testing to building advanced automated scanning tools, while focusing on advanced scanning methods such as building visual representations to increase the speed of vulnerability scans with pattern recognition
- The construction of RASP technologies to self-protect applications
- Skills shortages and an increasing number of events will hamper growth in onshore services.
NEAT Evaluations for MSS

NelsonHall's (vendor) Evaluation & Assessment Tool (NEAT) is a method by which strategic sourcing managers can evaluate outsourcing vendors and is part of NelsonHall's Speed-to-Source initiative. The NEAT tool sits at the front-end of the vendor screening process and consists of a two-axis model: assessing vendors against their ability to deliver immediate benefit to buy-side organizations and their ability to meet client future requirements. The latter axis is a pragmatic assessment of the vendor's ability to take clients on an innovation journey over the lifetime of their next contract.

The ability to deliver immediate benefit assessment is based on the criteria shown in Exhibit 1, typically reflecting the current maturity of the vendor's offerings, delivery capability, benefits achievement on behalf of clients, and customer presence.

The ability to meet client future requirements assessment is based on the criteria shown in Exhibit 2, and provides a measure of the extent to which the supplier is well-positioned to support the customer journey over the life of a contract. This includes criteria such as the level of partnership established with clients, the mechanisms in place to drive innovation, the level of investment in the service, and the financial stability of the vendor.

The vendors covered in NelsonHall NEAT projects are typically the leaders in their fields.
However, within this context, the categorization of vendors within NelsonHall NEAT projects is as follows:
- Leaders: vendors that exhibit both a high ability relative to their peers to deliver immediate benefit and a high capability relative to their peers to meet client future requirements
- High Achievers: vendors that exhibit a high ability relative to their peers to deliver immediate benefit but have scope to enhance their ability to meet client future requirements
- Innovators: vendors that exhibit a high capability relative to their peers to meet client future requirements but have scope to enhance their ability to deliver immediate benefit
- Major Players: other significant vendors for this service type.

The scoring of the vendors is based on a combination of analyst assessment, principally around measurements of the ability to deliver immediate benefit; and feedback from interviewing of vendor clients, principally in support of measurements of levels of partnership and ability to meet future client requirements.
Exhibit 1
Ability to deliver immediate benefit: Assessment criteria

Assessment Category: MSS Offerings; MSS Delivery; MSS Presence; Benefits achieved

Assessment Criteria:
- SIEM
- Application Security
- Endpoint Security
- IAM
- Threat Database Maturity
- Penetration Testing
- Event Throughput
- Ability to Offer as Part of Larger IT Infrastructure Deal
- Firewall
- Overall MSS Offerings
- Ability to Offer Dedicated Delivery
- Delivery in Support of North America
- Delivery in Support of U.K.
- Delivery in Support of Rest of EMEA
- Delivery in Support of APAC
- Delivery in Support of LATAM
- Languages Supported
- Scale of FTE support
- Security IP
- Single Touch Point
- Offshore Focus
- Scale of Delivery to Financial Services
- Scale of Delivery to Government
- Scale of Delivery to Manufacturing
- Scale of Delivery to Retail
- Scale of Delivery to Energy & Utilities
- Automation of Security
- Dashboard or Portal Offered
- SLA Flexibility
- Detection and Response Time
- Cost Reduction
- Introduction of Security Frameworks
- Staff Training Offered
- Recovery/Damage Control Demonstrated
Exhibit 2
Ability to meet client future requirements: Assessment criteria

Assessment Category: Suitability to Deliver Future Benefits; Investment in MSS

Assessment Criteria:
- Area of Investment in Centers: Onshore
- Area of Investment in Centers: Offshore
- Investment in Automation
- Investment in Threat Database
- Additional Security Research Conducted
- Industry Specific Security Research
- FTE Growth
- Security Roadmap Detailed
- Financial Rating
- Partnerships for MSS

For more information on other NelsonHall NEAT evaluations, please contact the NelsonHall relationship manager listed below.

research.nelson-hall.com

Sales Enquiries

NelsonHall will be pleased to discuss how we can bring benefit to your organization. You can contact us via the following relationship manager: Guy Saunders at guy.saunders@nelson-hall.com

Important Notice

Copyright 2015 by NelsonHall. All rights reserved. No part of the publication may be reproduced or distributed in any form, or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher. The information provided in this report shall be used only by the employees of and within the current corporate structure of NelsonHall's clients, and will not be disclosed to any other organization or person including parent, subsidiary, or affiliated organization without prior written consent of NelsonHall. NelsonHall exercises its best efforts in preparation of the information provided in this report and believes the information contained herein to be accurate. However, NelsonHall shall have no liability for any loss or expense that may result from incompleteness or inaccuracy of the information provided.