Forrester Emerging MSSP Wave

  • View

  • Download

Embed Size (px)


Emerging Managed Security Service Providers 2013

Text of Forrester Emerging MSSP Wave

  • 1. Forrester research, inc., 60 acorn Park Drive, cambridge, Ma 02140 uSatel: +1 617.613.6000 | Fax: +1 617.613.5000 | www.forrester.comThe Forrester Wave: EmergingManaged Security Service Providers,Q1 2013by ed Ferrara, January 8, 2013 | updated: February 14, 2013For: Security &risk ProfessionalsKey TaKeaWaysemerging Mssps have laudable Capabilities, Forward-Thinkingstrategies, and surprising Client listsThese emerging players deserve a hard look. They offer comprehensive, professionallydelivered security services. Some are pioneering cloud-based delivery, and othersresell their services through a growing MSSP reseller channel. All are growing at ratesof 30% to 40% per year and have great technical depth and flexibility.Being a Big Fish in a small pond Can Be a good ThingCISOs interviewed for this research indicated they liked being the vendors biggestcustomer. This offers better value. One CISO at a financial services company said, Idont need an MSSP with 10 SOCs and analysts fluent in 12 languages. When I callI want to know the name of the person on the other end of the phone and how theywill help me.Cloud, saas security, and Customer satisfaction are KeydifferentiatorsThe Leaders in this Forrester Wave want to grow their businesses. Some aspire toserve enterprise-class clients, while a few others think their future lies is servingsmall and midsize businesses. The cloud, software, and hardware-as-a-service playa big role with two of the Leaders differentiating them from the pack and otherMSSPs as well.

2. 2013, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best availableresources. Opinions reflect judgment at the time and are subject to change. Forrester, Technographics, Forrester Wave, RoleView, TechRadar,and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. Topurchase reprints of this document, please email For additional information, go to Security & Risk ProfessionalsWhy Read This ReportIn Forresters 15-criteria evaluation of the emerging managed security services provider (MSSP)market, we identified the 10 most significant providers in this category Alert Logic; CompuCom;Integralis; Network Box; Savvis, A CenturyLink Company; Secure Designs; SilverSky; StillSecure; TataCommunications; and Vigilant and researched, analyzed, and scored them. These 10 providers have lessrevenue, smaller physical plants, and fewer staff than the nine North American MSSP firms covered in ourForrester Wave published in March 2012, but they are growing rapidly. To help security and risk (S&R)professionals select the right managed security services partner, this report uses our criteria to evaluateeach service provider and plots where they stand in relation to each other.Table Of ContentsCISOs Now Have Multiple Options ForManaged Security ServicesWhat It Means To Be EmergingEmerging MSSPs Address SecurityComplexity And Contain CostsManaged Security Services: Emerging PlayerEvaluation OverviewEvaluation Focused On Breadth Of Capabilities,Flexibility, And Customer SatisfactionEvaluated Vendors Offer A Full Suite OfManaged Security ServicesEvaluation AnalysisVendor ProfilesSupplemental MaterialNotes & ResourcesForrester conducted services evaluationsin Q2 2012 and interviewed 10 managedsecurity service providers: Alert Logic;CompuCom; Integralis; Network Box; Savvis,A CenturyLink Company; Secure Designs;SilverSky; StillSecure; Tata Communications;and Vigilant.Related Research DocumentsSource Your Security ServicesApril 25, 2012The Forrester Wave: Managed SecurityServices: North America, Q1 2012March 26, 20122012 Budget And Planning Guide For CISOsDecember 15, 2011The Forrester Wave: Emerging ManagedSecurity Service Providers, Q1 2013Ten Emerging Service Providers That Have The Chops To Be YourManaged Security Service Providerby Ed Ferrarawith Laura Koetzle, Chris McClean, Nick Hayes and Kelley Mak224691114January 8, 2013Updated: February 14, 2013 3. For Security & Risk ProfessionalsThe Forrester Wave: Emerging Managed Security Service Providers, Q1 2013 2 2013, Forrester Research, Inc. Reproduction Prohibited January 8, 2013 | Updated: February 14, 2013CISOs now have multiple options for managed security servicesAlthough information security is a critical function, its no longer necessary to do it all in-house.Thus, 21% of those surveyed in Forresters Forrsights Security Survey, Q2 2012 planned to spendmore of their budget with managed security service providers (MSSP) in the coming year.1Thisgrowth percentage was the same in our 2011 survey, and MSSPs are currently reporting between18% and 21% growth on an annualized basis. The numbers show a clear trend, and theres a growingconsensus that outsourcing security is a viable option for many companies. In response to this newdemand, MSSPs are expanding and new firms are entering the managed security services (MSS)market. This is good news for security and risk (S&R) professionals because it increases choice andmakes services pricing more competitive. It also makes provider selection more challenging becauseof the increased number of choices.WHAT IT MEANS TO BE EMERGINGThe companies in this Forrester Wave represent some of the best emerging players in the market.Forrester uses the term emerging to distinguish this group of MSSPs from the larger, moreestablished players in the market we covered in our March 2012 Wave.2Forrester divides the MSSPmarket into three categories or divisions (see Figure 1).3Division 1 includes the largest enterprise-class providers. These MSSPs offer multiple security operations centers (SOCs) in multiplegeographies, employ from 100 to more than 1,500 engineers, and have revenues between $70million and $400 million. Division 2 includes the emerging MSSPs. These companies have from 20to 100 engineers, one or two SOCs, and revenues between $25 million and $70 million. Division 3includes many smaller firms that serve the small business market. These companies have a singleSOC and a small staff of security analysts numbering no more than 10. Revenues for these firms areless than $25 million. This Forrester Wave evaluates nine Division 2 and one Division 3 emergingMSSPs. These firms offer:Competent security technology skills. These firms use both proprietary and licensedtechnology for their service offerings. In some cases, these firms will extend licensed technologyto improve the licensed technologys capabilities, and some firms resell other firms services.4These MSSPs support a variety of different technologies, including firewalls (current, next-generation, and web application); intrusion detection; endpoint and server antivirus; hostintrusion and detection and protection; log management, archival, and maintenance; systemsmanagement; threat intelligence; intrusion protection; proxies; security incident and eventmanagement; and web application monitoring technology.Effective pricing. The firms evaluated in this Wave dont have the same cost structures as largerfirms. They have smaller physical plants, lower marketing costs, and lower cost structuresoverall. These lower costs allow them to offer services that are similar to those provided by theDivision 1 MSSPs but with lower overall cost. 4. For Security & Risk ProfessionalsThe Forrester Wave: Emerging Managed Security Service Providers, Q1 2013 3 2013, Forrester Research, Inc. Reproduction Prohibited January 8, 2013 | Updated: February 14, 2013Excellent customer service. Clients of the emerging MSSPs gave their providers very positivefeedback on their pricing and quality of service. There was variability in the client responses, butoverall, the MSSPs in this Wave did well in the customer satisfaction category. When the clientsneeded help, the best MSSPs didnt simply point to a contract but demonstrated flexibility andworked with their clients to resolve the issue.Experienced and trained staff. The firms reviewed here, in general, have very capable staffs thatknow the technologies they support. All the firms have formal training programs and apprenticeprograms, to provide staff necessary skills and experience. These firms use their experience todetect network, application, and server intrusions. The firms also have the necessary experienceto identify and address cyberthreats in a number of modes, ranging from simple monitor andalert all the way to complete incident response management.5Although the number of stafffor these firms is not large the smallest has a staff of 10 and the largest a staff of 200 thesecompanies are able to demonstrate effective technical and operational competence.Flexibility. Clients praised these emerging MSSPs for their operational flexibility andappreciated their response during security incidents: Rather than spending time analyzing theSLAs and the contract to determine whether the incident was covered, the emerging MSSPsjumped in and worked with their customers to resolve the problems. 5. For Security & Risk ProfessionalsThe Forrester Wave: Emerging Managed Security Service Providers, Q1 2013 4 2013, Forrester Research, Inc. Reproduction Prohibited January 8, 2013 | Updated: February 14, 2013Figure 1 MSSP Market SegmentationSource: Forrester Research, Inc.86781MSS revenue $70M to $400MSOCs More than two, with significant redundancy and BCP-DRAnalysts/engineers More than 100 analysts, engineers, and advanced threat engineersTechnology Proprietary orsignificantly enhanced technologyPortfolio Full portfolio of standard services (someOEM and white-label possible,but a lowpercentage)Language support Multilanguage supportAverage client profile Morethan 2,000 employeesMSS revenue Greater than $25M and less than $70MSOCs One to two SOCsAnalysts/engineers More than 10 and fewer than 100 analysts, engineers, and advanced