THE CYBER-SECURITY PLAYBOOK



Similar documents
TOTAL DATA WAREHOUSING:

DATACENTER INFRASTRUCTURE MANAGEMENT SOFTWARE. Monitoring, Managing and Optimizing the Datacenter

MOBILE APP LIFECYCLE

The Data Management of Things

OF THE CLOUD, FOR THE CLOUD

Social Intranets and the Supply Chain

Cloud Management Platform Market Map 2016

CLOUDSCAPE. IT SERVICES Tooling up for ITaaS KEY FINDINGS

Data Platforms and Analytics Market Map 2016

Cloud Brokers EXECUTIVE OVERVIEW MAKING ITAAS A PRACTICAL REALITY?

Mexico EXECUTIVE OVERVIEW MULTI-TENANT DATACENTER MARKET

DATACENTER BRAZIL MTDC MARKET ASSESSMENT EXECUTIVE OVERVIEW. Supply and Providers MARCH 2013

2016 Trends in Datacenter Technologies

Web and Application Hosting 2015

DATACENTER CANADA MTDC MARKET ASSESSMENT REPORT EXCERPT SUPPLY AND PROVIDERS MICHAEL LEVY WRITTEN BY DECEMBER 2012

Telco Multi-Play and Content Strategies

Seattle EXECUTIVE OVERVIEW MULTI-TENANT DATACENTER MARKET

DATACENTER MULTI-TENANT DATACENTER NORTH AMERICAN PROVIDERS 2013 EXECUTIVE OVERVIEW KEY FINDINGS

WEB AND APPLICATION HOSTING

Decision Framework, DF J. Holincheck. Application Service Provider Traditional Payroll/Benefits Outsourcing Business Process Outsourcing

2016 Trends in Storage

The Magic Quadrant Framework

Predicts 2004: Supplier Relationship Management

Defining the PLM Magic Quadrant by Criteria and Use. We provide the methodology used in developing our product life cycle management Magic Quadrant.

Small and Midsize Business IT Outsourcing Vendor Market Trends, 2003 (Executive Summary) Executive Summary

Business Intelligence: The European Perspective

Lead architect. Business architect. Technical architect. Lead Architect

This white paper was written by Csilla Zsigri, The 451 Group, based on the work done by the SmartLM Consortium in business modeling.

Magic Quadrant for Data Center Outsourcing, 4Q03

DATACENTER NORTH AMERICAN MULTI-TENANT DATACENTER SUPPLY EXECUTIVE OVERVIEW. Emerging Major Markets 2013 DECEMBER 2013

2010 Gartner FEI Technology Study: Planned Shared Services and Outsourcing to Increase

RBC Insurance Fetes Online Auto/Home Insurance Growth

EMEA CRM Analytics Suite Magic Quadrant Criteria 3Q02

Research Agenda and Key Issues for Converged Infrastructure, 2006

CIO Update: Gartner s IT Security Management Magic Quadrant Lacks a Leader

How Deal Size Matters in IT Infrastructure Outsourcing (Executive Summary) Executive Summary

Management Update: Gartner s Updated Help Desk Outsourcing Magic Quadrant

Management Update: Gartner s Large-Enterprise HRMS Magic Quadrant for 2002

Outlook for the CRM Software Market: Trends and Forecast (Executive Summary) Executive Summary

PLM Eclipses CPC as a Software Market

Magic Quadrant for Global Enterprise Desktops and Notebooks

Like all football clubs, PSG suffered from unsold seats for the less-popular games. Even when it was able to sell tickets for

Don't Pay to Support CRM 'Shelfware'

IT Services Opportunities in IP Telephony (Executive Summary) Executive Summary

Achieving Enterprise Software Success

CARRIER-NEUTRAL COLOCATION 2009 DATACENTER REPORT BY JASON SCHAFER APRIL TIER1 RESEARCH & THE 451 GROUP DATACENTER

Estimating the Costs of an ERP/Business Application Initiative

DATACENTER NORTH AMERICAN MULTI- TENANT DATACENTER SUPPLY EMERGING MAJOR MARKETS 2011 JEFF PASCHKE, RICK KURTZBEIN & MICHAEL LEVY REPORT BY JULY 2011

Management Update: How to Implement a Successful ERP II Project

Global Case Studies in Highly Efficient Datacenters 2014

Management Update: The Eight Building Blocks of CRM

Vendor Classification

IP Centrex and IP Telephony Offer Different Capabilities

This document has been provided by the International Center for Not-for-Profit Law (ICNL).

Transcription:

THE CYBER-SECURITY PLAYBOOK Selling Into the Global Defense Market The federal cyber-security space is becoming a hotbed of incubation, acquisition and opportunity, but how to sell into this complicated market has remained a mystery to many vendors. Analyzing the Business of Enterprise IT Innovation ESP ENTERPRISE SECURITY PRACTICE 4 FINDINGS Defense contractors and SIs are beginning to reach into the enterprise market to acquire complementary security product vendors for the enhancement of their cyber-security portfolios. PAGE 22 There are multiple paths to sell to government agencies, many of which are supported by assistance programs that enterprise vendors can use. PAGE 14 Vulnerability management is an early leader in cyber-security-market adoption, but ESIM, forensics and several other classic enterprise technologies are hot on its heels. PAGE 25 Due to threat severity, government buyers are more inclined to buy best-in-breed technologies than allencompassing portfolios as long as the technology is extensible and malleable. PAGE 20 5 IMPLICATIONS Established vendors with a strong enterprise presence looking to further exploit the cyber-security market will likely need to follow traditional certification and partnership strategies. PAGE 11 Startups need to gain a firm understanding of governmentbacked opportunities and the procurement vehicles employed by government agencies. PAGE 11 End users of enterprise security products from a vendor that has recently adopted a federal sales strategy may find themselves a less important factor in product roadmap decisions going forward. PAGE 38 Investment in a federal-focused company shouldn t be seen as an arduous long-term deal with limited ROI potential. Government agencies will likely help incubate products and fund their development. PAGE 14 Between 2002 and 2009, there were only four acquisitions in the cyber-security space driven by product or technology portfolio inclusion, compared to four in 2010 and one so far in 2011. PAGE 22 1 BOTTOM LINE The cyber-security market has always been perceived as a tough nut to crack. However, with government-backed R&D programs, increased defense contractor and SI security acquisitions, and growing cyber-security concerns and mandates, this space may be one of the last greenfield opportunities left in the security-product market. APRIL 2011

REPORT SNAPSHOT TITLE The Cyber-Security Playbook ANALYST RELEASE DATE April 2011 LENGTH Andrew Hay, Senior Security Analyst, Enterprise Security Practice 40 pages ABOUT THIS REPORT The primary purpose of this report is to open the eyes of security technology vendors to the slew of cyber-security opportunities and related monies made available by the cyber-security concerns of the government, military and intelligence communities. If you are a security vendor looking to make money in this lucrative sector, this report explains some of the lesser-known government programs that could help you gain entry into the market, as well as the natural technology affinities within the realm of cyber security that will succeed. From an opportunity standpoint, we also explain the potential exits for technology companies and show investors how they can make more money (while taking fewer risks) than ever before. Although this report is primarily US-centric due to the US having the majority of government funding and R&D-backed initiatives in this space, in addition to the largest defense industrial base in the world, many of the recommendations still apply across geographic boundaries.

TABLE OF CONTENTS SECTION 1: EXECUTIVE SUMMARY 1 1.1 INTRODUCTION....................... 1 1.2 KEY FINDINGS........................ 2 1.3 METHODOLOGY....................... 3 SECTION 2: THE CYBER-SECURITY BATTLEFIELD 4 Figure 1: Evolution of Targets by Industry............. 8 SECTION 3: GETTING A SEAT AT THE TABLE 11 3.1 INTERNAL SALES INFRASTRUCTURE............... 11 3.2 TESTING AND CERTIFICATION.................. 11 3.3 GETTING ONTO A GSA SCHEDULE............... 13 Figure 2: Traditional Path for Cyber-Security Market Entry.......14 3.4 OTHER PATHS TO THE GOVERNMENT CYBER-SECURITY MARKET... 14 Figure 3: Paths for Cyber-Security Market Entrance......... 16 Figure 4: DoD ASD(R&E) SBIR Topics.............. 17 Figure 5: BAA Technical Topic Areas...............18 3.5 GOVERNMENT PROCUREMENT.................. 18 SECTION 4: CYBER-SECURITY PRODUCT PACKAGING SUCCESS 20 SECTION 5: CYBER-SECURITY M&A 22 Figure 6: Non-Product Cyber-Security M&A in 2010......... 23 Figure 7: Product-Centric Cyber-Security M&A (January 2002 January 2010)...............24 SECTION 6: NATURAL CYBER-SECURITY AFFINITIES 25 6.1 VULNERABILITY MANAGEMENT AND PENETRATION TESTING...... 25 Figure 8: Pending US Congressional Legislation Pertinent to Penetration Testing................... 27 THE CYBER-SECURITY PLAYBOOK

6.2 FORENSICS AND IR...................... 28 6.3 NETWORK BEHAVIOR ANOMALY DETECTION AND DEEP-PACKET INSPECTION................. 29 6.4 ENTERPRISE SECURITY INFORMATION MANAGEMENT......... 31 6.5 IT GOVERNANCE, RISK AND COMPLIANCE............. 32 6.6 CHANGE AND CONFIGURATION MANAGEMENT........... 34 6.7 INTRUSION DETECTION AND PREVENTION............. 34 SECTION 7: CYBER-SECURITY IMPLICATIONS 38 INDEX OF COMPANIES 41

ABOUT THE 451 GROUP The 451 Group is a technology analyst company. We publish market analysis focused on innovation in enterprise IT, and support our clients through a range of syndicated research and advisory services. Clients of the company at vendor, investor, service-provider and end-user organizations rely on 451 insights to do business better. ABOUT TIER1 RESEARCH Tier1 Research covers consumer, enterprise and carrier IT services, particularly hosting, colocation, content delivery, Internet services, software-as-a-service and enterprise services. Tier1 s focus is on the movement of services to the Internet what they are, how they are delivered and where they are going. 2011 The 451 Group, Tier1 Research and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication, in whole or in part, in any form without prior written permission is forbidden. The terms of use regarding distribution, both internally and externally, shall be governed by the terms laid out in your Service Agreement with The 451 Group, Tier1 Research and/or its Affiliates. The information contained herein has been obtained from sources believed to be reliable. The 451 Group and Tier1 Research disclaim all warranties as to the accuracy, completeness or adequacy of such information. Although The 451 Group and Tier1 Research may discuss legal issues related to the information technology business, The 451 Group and Tier1 Research do not provide legal advice or services and their research should not be construed or used as such. The 451 Group and Tier1 Research shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice. Analyzing the Business Better perspective from the top in independent tech research of Enterprise IT Innovation THE CYBER-SECURITY PLAYBOOK

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information