Business Case Outsourcing Information Security: The Benefits of a Managed Security Service




Business Case Outsourcing Information Security: The Benefits of a Managed Security Service seccuris.com (866) 644-8442

Contents

Introduction
Full-Time Experts vs. a Part-Time In-House Staff
Established, State-of-the-Art Infrastructure
Full-Time Security and Accountability
Specialized Forensics Services
MSSP: A Cost-Effective Solution
Extended Cost Structure
The Right Solution for Managed Security Service

Copyright 2014

Introduction

Over the past decade, the level of attacks, breaches and potential dangers to vital data/information security have escalated to the point where organizations in every industry are taking measures to ensure their assets and technical infrastructures are safeguarded. A key part of that protection is knowing where your environment is vulnerable and the type of risks that may threaten it.

While there are a multitude of threat and vulnerability monitoring solutions available, including a product-based Security Information and Event Management (SIEM) solution, the key is determining which option is the most effective and efficient for each organization. But no matter which solution your organization may choose, in most cases, it will cost you a considerable amount of time, money and effort to install, develop and maintain both the technology and personnel necessary to monitor your system 24 hours a day.

Rather than installing an in-house monitoring system, a more cost-effective solution may be to outsource the responsibilities to a proven Managed Security Services Provider (MSSP) that will observe and preserve critical data on your organization's behalf. In order to determine if a product-based SIEM or an MSSP is the right choice for your organization's security, there are several factors to consider, including expertise, training, staff, technology, infrastructure and accountability, as well as initial and extended costs.

Full-Time Experts vs. a Part-Time In-House Staff

In most cases, organizations attempting to create an in-house security service are only able to dedicate a part-time staff due to cost constraints, or simply because there is not enough effort to justify adding additional personnel to monitor the service full time.
As a result, it is difficult to expect part-time staffs to develop the same expertise as Information Security (IS) professionals at MSSPs who not only work exclusively in security, but also bring a broad, cross-industry perspective to the service. Typically, since MSSP analysts possess years of experience providing information security to multiple customers, they have developed insight and expertise in a wide variety of security issues, solutions, and products. MSSP organizations also typically support capability teams across various security specialities, including threat and vulnerability management, audit and compliance, and more. Therefore, an MSSP can provide a higher level of expertise and value to your organization than trying to hire, develop and maintain an in-house department and personnel.

Established, State-of-the-Art Infrastructure

Many MSSPs have established, dedicated security operations centers (SOCs) that are physically hardened sites with state-of-the-art infrastructure managed by trained personnel. MSSPs are also frequently government certified for secure data handling and controls. This certification requires regular audit and assessment of logical and physical security controls in place, as well as security clearance requirements for all staff working within the SOC. This provides a level of assurance and infrastructure resiliency that would be difficult or even impossible for organizations to replicate in-house.

Full-Time Security and Accountability

MSSPs offer expert near real-time security monitoring and services 24 hours a day, seven days a week. They can also be held accountable for the service standards they provide, including availability, response and escalation service level expectations. It is typically extremely difficult and costly to replicate this level of security service in-house because staff may be limited to monitoring during normal business hours. Even organizations that implement on-call services after hours do not have the full protection that 24-hour MSSP services offer.

Specialized Forensics Services

Information security solutions and technologies such as firewalls, intrusion detection and prevention systems (IDS/IPS), virtual private networks (VPNs), and vulnerability assessment tools are far more effective when they are managed and monitored by dedicated and specialized security services professionals offered by MSSPs. These professionals are better able to determine the validity and true priority of every security threat and vulnerability. They focus on security response efforts so an organization's in-house staff can concentrate on other vital IT issues. MSSPs also provide an enhanced level of support for both products developed by the MSSP and trusted third-party provider products monitored by the MSSP.

MSSP: A Cost-Effective Solution

As indicated above, the cost for an organization to develop and maintain an in-house information security department is, in most cases, considerably more expensive than outsourcing to an MSSP. In order to provide the same level of 24-hour monitoring service as an MSSP, an organization needs to consider costs that include the price of the initial SIEM product hardware and software, as well as future upgrades and replacements; a minimum of four security analysts that require initial and ongoing training; and the supporting infrastructure to accommodate all of them.

In contrast, outsourcing to an MSSP is a more affordable solution because MSSPs use a utility/shared services model that enables costs to be spread over multiple clients, which reduces the cost per client.

Here is an example cost breakdown of outsourcing to an MSSP for a 100-200 staff organization:

One Time Cost                                 In House SIEM   OneStone    Savings    %
SIEM Appliance & Storage                      $45,000         Included
Internal Staff Implementation Effort Cost*    $6,400          Included
End User Training                             $3,000          Included
Internal Staff Deployment Support             -               $1,600
OneStone Fees                                 -               $3,200
Total One Time                                $54,400         $4,800      $49,600    91%

Annual Cost                                             In House SIEM   OneStone    Savings    %
Security Analysts - 2; Primarily business hr coverage   $140,000        Included
Annual Training and Certification                       $6,000          Included
Maintenance and Support Agreement                       $9,000          Included
Depreciation - 4 year useful life                       $11,250         Included
Internal Staff Remediation to Escalated Events          -               $4,080
OneStone Fees                                           -               $129,600
Total Annual                                            $166,250        $129,600    $36,650    22%

* SIEM pricing based on SC Magazine review of price and appliance recommended for organizational size.
** Based on two-person staff working two weeks.

Comparison of total annual costs for the above and other size organizations:

[Chart: total annual cost, SIEM - In House vs. OneStone, for Small Organization (< 50 Staff), Midsize Organization (100-200 Staff), Large Organization (500-1000 Staff) and Enterprise Organization (1000-3000 Staff).]

Extended Cost Structure

It is the nature of capital expenses to prove more expensive in the year they are purchased, with a tendency to lower the total cost of ownership over an extended period. The table below shows a five-year comparison of the cost of an in-house SIEM vs. an MSSP. The SIEM includes the total costs of software licenses, SOC infrastructure, computing resources, product maintenance fees, and professional consulting services:

Time Frame                      SIEM Solution   MSSP          Savings     %
Year 1 Cost Comparison          $332,560        $225,860      $106,700    32%
3 Year Total Cost Comparison    $840,880        $662,400      $178,480    21%
5 Year Total Cost Comparison    $1,427,600      $1,104,000    $323,600    23%

The cost benefit of an MSSP decreases in around year three, beginning to favor the SIEM solution. But it is important to keep in mind that most SIEM solutions will likely need a hardware/software refresh within four to five years, which can cost 0.8 to 1.5 times the cost of the original solution.

The Right Solution for Managed Security Service

The OneStone Information Assurance Portal is a managed information security service that provides organizations 24x7 visibility into security issues and risks across the enterprise. Utilizing Seccuris' advanced security information and event management technology, OneStone enables organizations to select various information security monitoring, vulnerability and threat assessment, and asset management services on demand.

Threat Management: OneStone provides 24x7 monitoring and management of internal and external threats to an organization's network environment. Once a threat event, data loss or malicious activity is identified and validated, the OneStone Threat Management service delivers an alert and escalates the potential threat via the portal and e-mail, enabling corrective action to be taken. Tailored event correlation, backed by Seccuris' expert analysts, and integrated, automated incident handling workflow adapt to any organization's threat management requirements and processes.

Vulnerability Management: OneStone provides on-demand scanning and assessment of the technical and environmental vulnerabilities in an organization's computing infrastructure. Detailed dashboard screens and available reports identify, quantify, and prioritize the information security strengths and weaknesses of an organization's computing environment and provide a plan-of-action to mitigate the risk of serious consequences.

Asset Classification and Tracking: OneStone tightly couples organizational assets with threat and vulnerability data, enabling business risk to be more effectively measured. Information assets are identified and classified based on business criticality, function, and importance, allowing calculation of related threats and vulnerabilities to present a complete risk picture. Customers can generate reports dynamically for compliance, performance, and assurance issues via the OneStone interface. Knowing the value of your asset that is being threatened can help prioritize the alert and remediation activities.

Log Management: OneStone extends the threat management capabilities by providing vital referential data via access to historical log information that has been collected and processed by OneStone.

The capability provided by OneStone focuses on incidents actually impacting the business, supporting effective risk-based decision making at all levels of the organization based on accurate real-time information about the organization's current security posture and exposure to the external environment.

For Executives this means a top-down view of the organization's information security risk exposure and how it affects their business objectives and critical information assets.

For Information Security Managers it provides an operational view of the status of security incidents and the organization's current security posture. It also enables more effective decisions for planning security operations and executing day-to-day activities.

For Information Security Analysts and IT Practitioners it provides an advanced tool-set (including state-of-the-art correlation algorithms, security information event management, and workflow applications) for identifying and correlating threat events, prioritizing and responding to incidents, managing vulnerabilities, and supporting daily security operations.

About Seccuris

As the leader in Enterprise Security Architecture and Information Assurance Integration, Seccuris provides our clients with information security and risk management consulting services, managed security services, security solution integration, and education services. Seccuris also maintains an active research and development portfolio, working collaboratively with organizations across North America and Internationally. Through our commitment to quality, research, and knowledge transfer, Seccuris delivers innovative, comprehensive and proven information assurance services and solutions that provide value to our clients. To learn more about how Seccuris can address all aspects of your information risk management, visit seccuris.com or call 1 (866) 644-6442.

Trademarks

OneStone and the OneStone logo are registered trademarks of Seccuris Inc. Product names mentioned in this document may be trademarks or registered trademarks of their respective companies and are hereby acknowledged.

021514