THE CYBER-SECURITY PLAYBOOK
Selling Into the Global Defense Market

The federal cyber-security space is becoming a hotbed of incubation, acquisition and opportunity, but how to sell into this complicated market has remained a mystery to many vendors.

Analyzing the Business of Enterprise IT Innovation
ESP: ENTERPRISE SECURITY PRACTICE

4 FINDINGS

Defense contractors and SIs are beginning to reach into the enterprise market to acquire complementary security product vendors for the enhancement of their cyber-security portfolios. (Page 22)

There are multiple paths to sell to government agencies, many of which are supported by assistance programs that enterprise vendors can use. (Page 14)

Vulnerability management is an early leader in cyber-security-market adoption, but ESIM, forensics and several other classic enterprise technologies are hot on its heels. (Page 25)

Due to threat severity, government buyers are more inclined to buy best-in-breed technologies than all-encompassing portfolios as long as the technology is extensible and malleable. (Page 20)

5 IMPLICATIONS

Established vendors with a strong enterprise presence looking to further exploit the cyber-security market will likely need to follow traditional certification and partnership strategies. (Page 11)

Startups need to gain a firm understanding of government-backed opportunities and the procurement vehicles employed by government agencies. (Page 11)

End users of enterprise security products from a vendor that has recently adopted a federal sales strategy may find themselves a less important factor in product roadmap decisions going forward. (Page 38)

Investment in a federal-focused company shouldn't be seen as an arduous long-term deal with limited ROI potential. Government agencies will likely help incubate products and fund their development. (Page 14)

Between 2002 and 2009, there were only four acquisitions in the cyber-security space driven by product or technology portfolio inclusion, compared to four in 2010 and one so far in 2011. (Page 22)

1 BOTTOM LINE

The cyber-security market has always been perceived as a tough nut to crack. However, with government-backed R&D programs, increased defense contractor and SI security acquisitions, and growing cyber-security concerns and mandates, this space may be one of the last greenfield opportunities left in the security-product market.

APRIL 2011
REPORT SNAPSHOT

TITLE: The Cyber-Security Playbook
ANALYST: Andrew Hay, Senior Security Analyst, Enterprise Security Practice
RELEASE DATE: April 2011
LENGTH: 40 pages

ABOUT THIS REPORT

The primary purpose of this report is to open the eyes of security technology vendors to the slew of cyber-security opportunities and related monies made available by the cyber-security concerns of the government, military and intelligence communities. If you are a security vendor looking to make money in this lucrative sector, this report explains some of the lesser-known government programs that could help you gain entry into the market, as well as the natural technology affinities within the realm of cyber security that will succeed. From an opportunity standpoint, we also explain the potential exits for technology companies and show investors how they can make more money (while taking fewer risks) than ever before.

Although this report is primarily US-centric due to the US having the majority of government funding and R&D-backed initiatives in this space, in addition to the largest defense industrial base in the world, many of the recommendations still apply across geographic boundaries.
TABLE OF CONTENTS

SECTION 1: EXECUTIVE SUMMARY (page 1)
  1.1 INTRODUCTION (page 1)
  1.2 KEY FINDINGS (page 2)
  1.3 METHODOLOGY (page 3)

SECTION 2: THE CYBER-SECURITY BATTLEFIELD (page 4)
  Figure 1: Evolution of Targets by Industry (page 8)

SECTION 3: GETTING A SEAT AT THE TABLE (page 11)
  3.1 INTERNAL SALES INFRASTRUCTURE (page 11)
  3.2 TESTING AND CERTIFICATION (page 11)
  3.3 GETTING ONTO A GSA SCHEDULE (page 13)
  Figure 2: Traditional Path for Cyber-Security Market Entry (page 14)
  3.4 OTHER PATHS TO THE GOVERNMENT CYBER-SECURITY MARKET (page 14)
  Figure 3: Paths for Cyber-Security Market Entrance (page 16)
  Figure 4: DoD ASD(R&E) SBIR Topics (page 17)
  Figure 5: BAA Technical Topic Areas (page 18)
  3.5 GOVERNMENT PROCUREMENT (page 18)

SECTION 4: CYBER-SECURITY PRODUCT PACKAGING SUCCESS (page 20)

SECTION 5: CYBER-SECURITY M&A (page 22)
  Figure 6: Non-Product Cyber-Security M&A in 2010 (page 23)
  Figure 7: Product-Centric Cyber-Security M&A (January 2002 – January 2010) (page 24)

SECTION 6: NATURAL CYBER-SECURITY AFFINITIES (page 25)
  6.1 VULNERABILITY MANAGEMENT AND PENETRATION TESTING (page 25)
  Figure 8: Pending US Congressional Legislation Pertinent to Penetration Testing (page 27)
  6.2 FORENSICS AND IR (page 28)
  6.3 NETWORK BEHAVIOR ANOMALY DETECTION AND DEEP-PACKET INSPECTION (page 29)
  6.4 ENTERPRISE SECURITY INFORMATION MANAGEMENT (page 31)
  6.5 IT GOVERNANCE, RISK AND COMPLIANCE (page 32)
  6.6 CHANGE AND CONFIGURATION MANAGEMENT (page 34)
  6.7 INTRUSION DETECTION AND PREVENTION (page 34)

SECTION 7: CYBER-SECURITY IMPLICATIONS (page 38)

INDEX OF COMPANIES (page 41)
ABOUT THE 451 GROUP

The 451 Group is a technology analyst company. We publish market analysis focused on innovation in enterprise IT, and support our clients through a range of syndicated research and advisory services. Clients of the company at vendor, investor, service-provider and end-user organizations rely on 451 insights to do business better.

ABOUT TIER1 RESEARCH

Tier1 Research covers consumer, enterprise and carrier IT services, particularly hosting, colocation, content delivery, Internet services, software-as-a-service and enterprise services. Tier1's focus is on the movement of services to the Internet: what they are, how they are delivered and where they are going.

© 2011 The 451 Group, Tier1 Research and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication, in whole or in part, in any form without prior written permission is forbidden. The terms of use regarding distribution, both internally and externally, shall be governed by the terms laid out in your Service Agreement with The 451 Group, Tier1 Research and/or its Affiliates. The information contained herein has been obtained from sources believed to be reliable. The 451 Group and Tier1 Research disclaim all warranties as to the accuracy, completeness or adequacy of such information. Although The 451 Group and Tier1 Research may discuss legal issues related to the information technology business, The 451 Group and Tier1 Research do not provide legal advice or services and their research should not be construed or used as such. The 451 Group and Tier1 Research shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice.