A few years back — as companies grappled with IT outsourcing — it was safe to assume that the IT security organization was exempt because, as many chief information security officers (CISOs) told us, “We would never outsource security.” Guess what? Today, one in four now outsource their email filtering, and another 12% are very interested in doing so in the next 12 months. Another 13% already outsource their vulnerability management — a treasure trove for potential hackers — and an additional 19% say they are “very interested” in doing so in the next 12 months. Although security spending stayed flat for the most part in 2009, Forrester estimates that the managed services market grew by roughly 8%.
Today, managed security services (MSS) offerings exist in various forms, from pure system management to more sophisticated log analysis using a number of delivery mechanisms, from software-as-a-service (SaaS) and cloud services to on-premises device monitoring and management.
Changing Market Dynamics Bring In New Customers And Market Opportunities
Not only are the internal and external threat paradigms changing rapidly, but the changing business conditions are also affecting the types of services that customers request. In today's MSS market we see that:
Both supply and demand of MSS are on the rise. Companies are willing to outsource more of their environment than ever before. Traditionally, outsourcing was only used for day-to-day security functions such as network firewall monitoring and email filtering — areas discrete and unintegrated from the rest of IT such as email security and Web filtering. While these are still among the most prevalent services, increasingly more companies are turning to an MSSP to manage additional security functions that are highly operationalized (event monitoring) and integrated (log management ) within the IT ...