MANAGED SECURITY SERVICES (MSS) The Cyber Security Initiative. Cybercrime is becoming an important factor for CIOs and IT professionals, but also for CFOs, compliance officers and business owners. The current cyber security threat landscape is getting more and more complex and the decision of buying and implementing solutions to defend against it can be quite challenging. In many cases security requirements have become part of compliance requirements, such as the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), and others. Additionally, the cost of cybercrime to businesses is on the rise with the majority of this cost coming from web attacks and malicious code. Motivations can vary, but cyber security readiness is becoming a must for most organizations regardless of their size or vertical. $35,514 Phishing, Social Engineering $4,781 Virus, Worms, Trojans, Botent, Malware $143,209 Web Attacks Costs to Business from Cyber Crime $100,300 Malicious Insiders $124,083 Malicious Code Source: Ponemon Institute First Annual Cost of Cyber Crime Study. 2010
The Case for Managed Security Services The threat landscape is an ever-changing one. Hackers are continuously coming up with new tactics and exploring new vulnerabilities in today s fluid IT environments. While on-premise Security Information and Event Management (SIEM) systems provide a certain level of protection through log collection and management, they require significant in-house expertise and continuous training and education. Staffing can also be challenging, as monitoring critical IT assets on a 24/7 basis requires a high level of specialized staffing. $1,600,000 $1,200,000 $800,000 $400,000 $0 Cyber Security Monitoring Costs for a Medium-Sized Business $544,300 $144,000 $1,040,750 $396,000 $1,593,000 $648,000 In-House Cyber Security Cost Above Security Cost 1 Year 3 Years 5 Years Outsourcing your security requirement can be a tough decision to make, but for many organizations it makes business sense. Here are a few reasons why you should consider it: Staying up to date on the latest security threats can be mission impossible if you don t have a dedicated staff for it. Monitoring and protecting your IT assets from cyber attacks is the core expertise offered by Managed Security Service Providers (MSSPs). MSSPs security experts teams will vet all the alerts produced by the various devices that you may have in your infrastructure to the handful of events that your team needs to deal with, thus reducing cost while increasing efficiency. The initial and continuous infrastructure and staffing investment in a security solution can be daunting to some businesses. But even if you can afford that, outsourcing your security services can slash your investment by a significant margin depending on the size of your infrastructure. That should allow you to get the best protection possible and still have the budget to invest in your core business.
Cyber Security Monitoring Costs for a Medium-Sized Business MONITORING 1 YEAR 3 YEARS 5 YEARS In-house HUMAN RESOURCES Recruitment fees for specialized resources $22,500 $22,500 $22,500 2 full-time employees $150,000 $450,000 $750,000 Staff management (15% annual salary of the manager) $15,000 $45,000 $75,000 Specialized training ($3,000/year/employee) $6,000 $12,000 $18,000 Subtotal (HR) $193,500 $529,500 $865,500 HARDWARE** 3 IDS/IPS sensors and management console $154,000 $154,000 $154,000 IDS/IPS annual maintenance $30,800 $115,500 $231,000 Vulnerability scanner (software and server) $3,500 $10,500 $17,500 Log aggregation (SIEM appliance) $125,000 $125,000 $125,000 SIEM deployment (10% minimum) $12,500 $12,500 $12,500 SIEM annual maintenance $25,000 $93,750 $187,500 Total (HR & Hardware) $544,300 $1,040,750 $1,593,000 Outsourced (executed by Above Security) Implementation fees (3 sensors) $18,000 $18,000 $18,000 3 IDS/IPS sensors (3,500$/sensor/month) $126,000 $378,000 $630,000 Annual maintenance $0 $0 $0 Vulnerability scanner $0 $0 $0 Log aggregation $0 $0 $0 Total (Above Security) $144,000 $396,000 $648,000 * The details of these calculations can be provided upon request. As an independent service provider an MSSP can oversee change control procedures to make sure that compliance with internal and external rules and regulations is maintained at all times. An MSSP can also help maintaining all security devices up to date with the latest frame ware updates. Thus reducing your exposure to possible vulnerabilities in your network. MSSPs are setup to manage large infrastructures of many clients. Choosing a MSSP can provide a future-proof solution as they can match your business growth requirements seamlessly. By selecting to work with an MSSP, your team will have a specialized security team extension that has well documented procedures to deal with security threats. This will help your IT staff respond to security events in the most efficient manners. Minimum Savings Calculations for 2 employees providing support from 9 to 5 with 24/7 pager $400,300 $644,750 $945,000 Savings vs. 24/7 Operations Calculation for 5 employees providing 24/7 monitoring** $678,550 $1,439,000 $2,243,250 ** A two full time employees security team with 24/7 pager still exposes an organization to a significant security gap, a minimum of 5 employees is required to provide a real 24/7 monitoring coverage
Standard Features of Above Security Managed Security Service (MSS) include: Incident Response Management As soon as a security alert is detected, a certified security analyst investigates the alert based on his or her expertise and understanding of the client s infrastructure. If the alert is determined to be a threat to the client s network, it will be escalated according to the parameters established in conjunction with the client. Intrusion Detection & Prevention Systems (IDS/IPS) Networks are monitored for malicious activities and policy violations, triggered alerts are analyzed in real time, security incident reports are prepared and security incidents are escalated according to the conditions established in the escalation procedure. Log Management Security-related log data is captured and analyzed in order to identify security incidents, fraudulent activity, and operational problems. Vulnerability Assessments Vulnerabilities and weaknesses in the network are identified and managed. A variety of network devices, e.g. servers, appliances, applications and workstations, can be scanned for vulnerabilities. Event Correlation Information from a variety of sources, e.g. security logs, vulnerability scans, & IDS alerts, is evaluated to recognize event patterns that may have a bearing on the organization s security posture. Reporting Regularly provided reports are a valuable method to provide clients with more insights on the monitoring service, their security posture, incidents which have been handled since the last report publication, actionable recommendations and general observations and trends about the their network. For a comprehensive assessment of your security needs and how Above Security can help you secure your data and most critical assets at a fraction of the cost, call our toll free number at: 1-866-430-8166.
About Above Security With global operations and clients in over 40 countries, Above Security has a global view of the cyber threat landscape. Our security specialists are monitoring and helping our clients stay protected at all times. Our around the clock incident response team helps our customers remediate any threats or malicious acts faster and more efficiently. Above Security provides a full scale managed security services to allow you protect your most valuable IT assets as well as your business s and customers data while complying with the most stringent compliance requirements and internal controls. Canada World Headquarters +1 450 430 8166 +1 866 430 8166 (toll-free) USA Above Security USA +1 450 430 8166 +1 866 430 8166 (toll-free) Switzerland Above Security Europe +41 (0) 22 365 7510 europe@abovesecurity.com United Arab Emirates Above Security Middle East +971 481 37 758 middleeast@abovesecurity.com