Security

As A Service
By Jim Kaskade

March, 2011
Confidential
Cheyenne Mountain Operations Center
 Next Generation
Managed, Real-Time
Cloud Security As A Service
2010 (per Symantec)
286M Malware Threats
93% Increase in Web
Attacks
42% more mobile
vulnerabilities
1M+ botnets
 2010 (per IBM)
13B events / day
49% of vulnerabilities
from web apps
44% without a patch
by year-end
APTs now targeted,
sophisticated &
complex
Symantec, 2010
Advanced Persistent Threats
Market Opportunity

$17.0 $16.5
Annual Revenue

$16.0
$14.8
$15.0
($B)

11.3% 2009
CAGR
$14.0 2010
$13.0
Gartner, 2010 WW Security SW Revenue (TAM)

$3.0 $2.5
Annual Revenue

$2.0 $1.6
16.5%
($B)

CAGR
2011
$1.0
$9.5B 2014
HW+SW
$0.0
IDC, 2010 WW IDPS SW Revenue (SAM)
Market Opportunity
Managed Service Model

$20.0 $17.0
Annual Revenue

$15.0
23%
$10.0
($B)

$6.0 CAGR 2010

$5.0 2015
$0.0
SaaS, CPE, Cloud MSSP Revenue
 How Do Small-Medium Sized
Businesses Deploy Cost-Effective
Intrusion Detection & Prevention?
 Real-Time
Security As A Service Cloud
Discovery
Real-Time Reporting
Administration

Data Warehouse
. .
. .
. Data Real-Time .
Collector Database Predictive
Analytics
Engine

Raw Data Knowledge

Store Store

Internet Intranet
Users Users
Leveraging The Community
Company A Company C

D
C
Original B Community
Event
A Knowledge
Data
Repository

Company B Company D
Use-case

BU

Internet

Enterprise

Telecom

Security
As A Service
Sensor Data Cloud
Real-time Reporting
Real-time Status/Control
Value Proposition

  Signature-less Real-time Network

Detection / Protection
  Real-time Collection & Analysis of
Information From Hosts, Security Devices,
and Network Devices
  Real-time Reporting of Data & Discovery of
Information
  No customization required
  Simple Cloud-based Deployment
  Cloud Economics
 Pricing / TCO Differentiators

250-User Network (Annual Costs)

$140,000

Subscription

$120,000 $0
Security Staff
Annual Security Costs ($)

$100,000
Hardware/
Software

$80,000 $80,000

$60,000

$40,000
$75,000
$25/User/Mth
$20,000 $40,000

$0 $0
Traditional On-Prem Security Managed Secruity As A Service
Competitive Landscape
Top Security Providers by Revenue: IDC, 2011

Legacy HW Appliance Model

 Competitive Landscape
SIEM IDPS
 Competitive Landscape
  Sumo Logic
  MetaFlows
  IPTrust
  Symantec.cloud
  Sourcefire Immunet/Razorback
  Zscaler
  Webroot
Managed, Real-Time
Cloud Security As A Service
  Light client applications – don’t have to burden having
users constantly update end devices with heavy apps.
  End device performance does not become a concern –
offload security software to cloud
  Uniform policy across the entire organization – single
source for all security services = all devices must abide by
a controlled set of consistent policies
  Centralized reporting platform for IT & Execs – a single
view of the entire enterprise’s security state, which in
many cases is half the battle.
  Zero latency in deployment – by having a global
distribution network via cloud services, all organizations
are covered quickly
Thank You!
Cloud Security Issues

  Trust: Lack of
Provider transparency, impacts
Governance, Risk Management, Compliance
  Data: Leakage, Loss or Storage in unfriendly
geography
  Insecure Cloud software
  Malicious use of Cloud services
  Account/Service Hijacking
  Malicious Insiders
  Cloud-specific attacks
Security Is Impacting Cloud Adoption

IDC, 2010