Analysis of the EMEA Managed Security Services Market Protection and Risk Mitigation from Targeted Cyber Attacks is Driving Market Growth

(1)

Analysis of the EMEA Managed Security Services Market

Protection and Risk Mitigation from Targeted Cyber Attacks is

Driving Market Growth

M953-74

October 2013

(2)

Research Team

Lawrence Dietz

Industry Director Network Security (+1) 408 718 0385 [email protected]

Mario Fernandez

Senior Industry Analyst

Information and Communication Technologies (+48) 22 481 6271

[email protected]

Lead Analyst Contributing Analyst

Research Director

Adrian Drozd

Research Director

Information and Communication Technologies (+44) 1865 398 699

[email protected]

Strategic Review Committee Leader

Michael Suby

Vice President of Research Stratecast

(+1) 720 344 4860

(3)

Section Slide Numbers

Executive Summary 4

Market Overview 10

Total MSS Market -

• External Challenges: Drivers and Restraints 22

• Forecast and Trends 28

• Demand Analysis 43

• Market Share and Competitive Analysis 49

CPE-based MSS Segment Breakdown 56

Hosted MSS Segment Breakdown 63

The Last Word 70

Appendix 74

Notable Market Participants 83

(4)

(5)

• The managed security services (MSS) market in Europe, the Middle East, and Africa

(EMEA) continued to see strong growth rates in 2012.

• The complexities of securing an organisations’ network and infrastructure against

targeted attacks has been a major growth driver.

• The need to reduce capital expenditures and to comply with relevant industry standards

have also driven the adoption of MSS.

• Regulatory compliance, in particular data protection and data privacy compliance, acts

simultaneously as a driver and as a restraint.

• The complexity of maintaining regularity compliance induces organisations to adopt

MSS. However, misperceptions on regulations often deter organisations to engage in

MSS.

• In line with these drivers, leading managed security service providers (MSSPs) have

adopted a risk-based approach, whereby they focus on understanding a client’s specific

business context, the risks the client is exposed to, and deliver MSS accordingly.

• Likewise, leading MSSPs have placed great emphasis on improving their security

intelligence and security analytics capabilities.

Source: Frost & Sullivan

Executive Summary

(6)

Executive Summary (continued)

• Investing in acquiring, developing, and retaining human capital also persists as a

common practice among leading MSSPs.

• From a delivery-mode standpoint, the demand for customer premises equipment

(CPE)-based MSS remains strong.

• Hosted MSS are, however, experiencing higher growth rates. The demand for hosted

content, email, and Web security, as well as hosted distributed denial of service (DDoS)

mitigation is expected to expand rapidly.

• Enterprises continue to constitute the main segment of MSS in EMEA. Frost & Sullivan

believes that, in terms of market value, the enterprise segment will continue being

dominant.

• From a regional perspective, the United Kingdom and Germany lead in terms of market

value. In Scandinavia, Benelux, Switzerland, and Austria the adoption of MSS is

relatively high.

• Frost & Sullivan believes that the market will continue to expand at double-digit growth

rates throughout the forecast period from 2013 to 2018.

(7)

Market Stage

Mature

Market Revenue

$2.62 B

(2012) Average Package Deal Size

$310,000

Market Size for Last Year of Study Period

$5.50 B

(2018) Base Year Market Growth Rate

15.6%

Compound Annual Growth Rate

13.1%

(CAGR, 2012–2018) Customer Price Sensitivity

6

(scale:1 [Low] to 10 [High])

Market Concentration

21.9%

Degree of Technical Change

7

(scale:1 [Low] to 10 [High])

Total MSS Market: EMEA, 2012

For a tabular version click here.

(% of market share held by top 3 companies)

Stable Increasing Decreasing

Executive Summary—Market Engineering Measurements

Note: All figures are rounded. The base year is 2012. Source: Frost & Sullivan

(8)

Industry Advancement

*Companies with revenue of more than $1 M revenue.

Average

Renewal Rate

96.1%

(Average renewal rate per customer) Competitor Overview Replacement Rate

3.2 Years

(average contract period for MSSP)

Total Addressable Market

Number of Companies that Exited*

0

(2012) Number of Companies that Entered*

0

(2012) Number of Competitors*

65

(active market competitors in 2012) Average Product Development Time

9 Months

Executive Summary—Market Engineering Measurements

(continued)

Note: All figures are rounded. The base year is 2012. Source: Frost & Sullivan Stable Increasing

(9)

2 Securing virtualised and cloud-based

environments is increasingly important

for customers and MSSPs.

3 Customers demand that MSSPs have

a greater, more proactive role in

improving their security posture.

4 Further market consolidation is

expected to take place over the

forecast period.

1 MSSPs are broadening their portfolios,

increasingly focusing on security

intelligence and security analytics.

5 A shortage of highly-skilled security

professionals remains a challenge for

MSSPs and customers.

Executive Summary—CEO’s Perspective

(10)

(11)

Market Overview—Definitions

Market Description

• MSSPs monitor results (log stream data) of security appliances (security products) from a security operations centre (SOC). In many instances, MSSPs also manage the security appliances

throughout their lifecycle.

• By providing an outsourcing service, MSSPs help customers reduce capital expenditure (CAPEX) while providing in-depth expertise on security and maintaining efficient security management. • MSSPs are expected to have expertise in a wide number of product vendors because initially they

are hired to monitor and manage existing equipment.

• Frost & Sullivan splits the MSSP market into four segments: CPE-based MSS, hosted MSS,

professional services, and technical services. In this research service, Frost & Sullivan will only include CPE-based MSS and hosted MSS.

(12)

Market Overview—Definitions (continued)

Region Definitions

• Europe, the Middle East, and Africa (EMEA) includes countries in Western and Eastern Europe, Western Asia, and Africa.

• The following regions are included within the study:

o ACH refers to Austria and Switzerland.

o Benelux refers to Belgium, the Netherlands, and Luxembourg.

o Nordics refers to Denmark, Sweden, Norway, and Finland.

o CEE refers to the Baltic countries, Bulgaria, Czech Republic, Hungary, Poland, Romania, and

Slovakia.

o MEA refers to countries in North and Sub-Saharan Africa, as well as countries in Western Asia.

(13)

Market Overview—Definitions (continued)

Revenue Definitions

• Projected revenue is segmented according to service portfolio distribution, vertical market distribution, and region/country.

• Revenues generated by information security vendors who only offer to monitor their own products are excluded.

• Frost & Sullivan’s MSS market revenue models include installation costs incurred while procuring the services.

• Enterprise refers to an organisation with 1,000 or more users, while SMB refers to small and medium businesses with fewer than 1,000 users. Within the SMB segment, small business refers to organisations with less than 100 users, and medium business refers to organisations having between 100 and 999 users.

• Frost & Sullivan provides analyses of the MSS market in the following areas: growth, demand, pricing, channel distribution, legislation, and technology trends. These include regional and

vertical market forecasts as well as an in-depth look at the competition within the MSSP market.

• The base year for this study is 2012, and revenue forecasts and trends are provided through 2018. Historical data is quantified to reveal trends since 2011.

(14)

Market Overview—Definitions (continued)

Segment Definitions

• CPE MSS refers to managing, monitoring, and maintenance of security equipment, which is

owned by the client and housed in the client’s premises (CPE), from a SOC or by dedicated onsite personnel. Monitoring may occur in real-time or at periodic intervals.

• CPE MSS covered in this study includes the following:

o Firewall

o Intrusion Detection Systems (IDS) / (IPS) Intrusion Prevention Systems

o Antivirus (AV)/antispyware (AS)/Content filtering (CF) products

o Identity access management (IAM) methods such as tokens, smart cards, biometrics, personal identification numbers (PINs), and passcodes

o Unified threat management (UTM)

o Security information and event management (SIEM) and log management

o Data loss prevention (DLP)

o Endpoint security

(15)

Market Overview—Definitions (continued)

• Hosted MSS refers to shared customers (i.e., multi-tenant security equipment) or dedicated customer security services delivered based on the equipment housed in service provider’s premises (service provider premises equipment, SP-PE) or at a third-party location. Regardless of equipment location, the services rendered are fully managed through the service provider’s security operations centre

(SOC).

• Hosted MSS covered in this study include the following:

o Firewall

o IDS/IPS

o AV/AS/CF

o IAM

o SIEM and log management

o Distributed Denial of Service mitigation (anti-DDoS)

(16)

Market Overview—Definitions (continued)

• Professional services are security consulting services, for example creating security or incident response policies and procedures. Assessing security architecture and comparison to industry standards, such as the ISO 27001 series, are included in professional services.

• Technical services are specialised security services and include penetration testing, eDiscovery, incident response, vulnerability assessment, and data forensics.

• Professional and technical services are excluded from the scope of this study.

(17)

What is the total addressable market of MSS market by region/country in EMEA?

What are the values of the CPE and hosted MSS segments? How fast will these segments grow over the next five years?

Which services are experiencing more demand? How will the demand for services change over the forecast period?

What are the most prominent verticals that MSSPs are operating in?

What trends are, and will continue, shaping the future of MSSPs and MSS offerings?

Who are the leading competitors in the EMEA MSS market?

Market Overview—Key Questions This Study Will Answer

(18)

Total MSS Market: Market Segmentation, EMEA, 2012

*Professional and technical services are excluded from the scope of this study.

CPE Services

Managed Security Services

Hosted Services Technical

Services* Firewall IDS/IPS AV/AS/CF SIEM Vulnerability Assessment Penetration Testing UTM IAM DLP Endpoint Security Firewall IDS/IPS AV/AS/CF SIEM IAM Professional Services* Security Advisory Benchmarking Security Architecture Assessments eDiscovery Incident Response Data Forensics Anti-DDoS

Market Overview—Segmentation

(19)

CPE-based MSS 72.8% Hosted MSS

27.2%

Market Overview—Segmentation (continued)

Note: All figures are rounded. The base year is 2012. Source: Frost & Sullivan

Per cent Sales Breakdown Total MSS Market: EMEA, 2012

(20)

Expansion of Hosted MSS Offerings Enhancement of Vulnerability Scanning Capabilities Expansion of Mobile Security Offerings Expansion of Advanced Threat Detection Services Enhancement of IP Management, IP Reputation Services, and DDoS Mitigation Expansion and Enhancement of Federated Identity

and IAM Services

Enhancement of Reporting and

Remediation Capabilities

Total MSS Market: Service Technology Roadmap, EMEA, 2011–2016

2012 2011 2014 2016 Enhancement of Data Protection, Data Integrity Offerings

Market Overview—Service Technology Roadmap

(21)

MSSPs

End User

Direct Sales *VARs, SIs, ISPs

Key Takeaway: MSSPs prefer the direct sales channel because it enables MSSPs to build a strong relationship with the client, provide a higher level of services, and maintain their reputation.

*Key: VARs—Value-added Resellers, SI—System Integrators, ISPs—Internet Service Providers

Total MSS Market: Distribution Channel Analysis, EMEA, 2012

Market Overview—Distribution Channels

(22)

External Challenges: Drivers and Restraints—

Total MSS Market

(23)

Marke t D ri ve rs Marke t Restraints

1–2 Years 3–4 Years 5–6 Years

The increasing complexity of protecting infrastructure against advanced threats compels businesses to adopt MSS

Industry and regulatory compliance induces organisations to adopt a MSSP partnership to cost-effectively adhere to legislations and standards

Reluctance to outsource security has also curtailed the expansion of MSS

Limited IT budgets drive MSS adoption, in particular hosted MSS adoption, as organisations seek to shift away from CAPEX to operational expenditures

Misperceptions about regulations cause businesses to hesitate before entering into a partnership with a MSSP A lack of internal expertise and security experts

incentivises organisations to outsource the monitoring and management of security appliances

Difficulties with building a business case have limited the adoption of MSS

Impact: High Medium Low

Total MSS Market: Key Market Drivers and Restraints, EMEA, 2013–2018

Drivers and Restraints

(24)

Drivers Explained

The Increasing Complexity of Protecting Infrastructure against Advanced Threats Compels

Businesses to Adopt MSS

• Targeted attacks have become increasingly complex. Well-funded intruders have developed sophisticated evasion techniques to remain undetected by the traditional security appliances and software deployed in organisations.

• Cyber intelligence and powerful behavioural analytics platforms represent the main defences that an organisation can draw upon to mitigate the risks posed by advanced threats.

• MSSPs have an advantage over internal information technology (IT) departments because MSSPs have greater visibility into the threat landscape. MSSPs can detect emerging threats much earlier than a stand-alone organisation due to the vast arrays of data they can have access to.

• This value proposition has been compelling to drive the demand of MSS, especially from large

enterprises.

Limited IT Budgets Drive MSS Adoption, in Particular Hosted MSS Adoption, as Organisations Seek to Shift Away from CAPEX to Operational Expenditures

• Constant pressures to reduce spending on IT is forcing businesses to consider alternatives to effectively meet internal and external demands of their IT departments.

• In terms of IT security, a MSSP alleviates cost pressures by providing in-depth expertise in security at lower price points than an internal security department could accomplish. More importantly, businesses that opt for hosted MSS do not incur CAPEX related to the acquisition of security equipment.

(25)

Drivers Explained (continued)

Industry and Regulatory Compliance Induces Organisations to Adopt a MSSP Partnership to

Cost-effectively Adhere to Legislations and Standards

• Industry and regulatory compliance has been a major driver of MSS during the last decade and it will continue being so for the next five years.

• The European Commission (EC) has drafted a directive on network and information security. The new directive will obligate businesses to upgrade their security equipment and software, improve their security procedures and policies, and develop comprehensive breach reporting processes. • The requirements of the new directive, especially those related to breach reporting, will translate

into higher costs to businesses and greater complexities in managing security services. Therefore, it is expected that businesses will turn to MSSPs to cost-effectively comply with the new

regulations.

A Lack of Internal Expertise and Security Experts Incentivises Organisations to Outsource the Monitoring and Management of Security Appliances

• The costs of hiring, training, and retaining security experts have raised considerably.

Organisations, in particular small and medium businesses, often lack the personnel or the resources to maintain sufficient personnel to administrate IT security.

• MSSPs can build economies of scale, by training and retaining a number of security experts, and cost-effectively provide MSS. This value proposition appears persuasive to many businesses that will end up adopting MSS.

(26)

Restraints Explained

Misperceptions about Regulations Cause Businesses to Hesitate before Entering into a

Partnership with a MSSP

• Misperceptions on data privacy regulations often lead businesses to not opt for managed security services because they do not understand whether they are legally allowed to outsource certain fractions of their IT security operations.

• It is important to mention, however, that MSS are indeed restricted to operate and store data within certain countries or regions, in some cases, due to data privacy laws.

• It is expected that the effect of this restraint will be reduced in the coming years, as the EC is working on homogenising the various data privacy laws of its member states.

Difficulties with Building a Business Case have Limited the Adoption of MSS

• Although top executives and board members have greater awareness of the importance of IT security, they still have many difficulties when building their business case for MSS.

• Their main difficulties are how to translate an advanced threat, which has a low likelihood but highly negative impact on an organisation’s operations and reputation, into a financial cost. Moreover, businesses struggle to articulate how a MSSP can minimise that financial cost. • The challenge of building a financial argument for MSS results in limited adoption rates of MSS

among certain organisations.

(27)

Restraints Explained (continued)

Reluctance to Outsource Security has also Curtailed the Expansion of MSS

• A number of businesses still prefer to keep all their security operations in-house. Businesses base this decision on various reasons including uncertainty of compliance with data privacy regulations, difficulties when building a business case—as discussed in the previous restraints, and fears of reducing the importance or the headcount of IT departments.

• Decision makers in IT departments naturally show some degree of concern about the role their department/area will play once the organisation outsources part of its IT security operations to a MSSP. Therefore, some decision makers show reluctance to adopt MSS.

(28)

(29)

Forecast Assumptions

• Frost & Sullivan’s revenue forecast is primarily based on the analysis of aggregated information obtained during in-depth interviews with leading and second-tier MSSPs.

• Data centre service providers and system integrators (ITSPs), communication service providers (CSPs), and security specialists shared their opinions on the total addressable market, the size of MSS segments, the maturity of countries or regions in terms of MSS adoption, and the demand of MSS by product type.

• The results of the primary research was complemented with an extensive analysis of annual reports, financial result releases, and Frost & Sullivan’s databases.

• The forecast model includes MSS revenue from direct and indirect sales. Likewise, the forecast model includes revenue from CPE-based MSS and hosted MSS, however, professional and technical services are excluded from this study.

• The forecast model also intends to estimate the corresponding value of managed security services when delivered as a part of larger managed services deals or larger IT/network security deals.

(30)

Forecast Assumptions (continued)

The MSS market revenue and growth rate are based on the multiple assumptions including the following factors:

• The current and expected maturity of countries in terms of the adoption of IT security services. • The positive and negative effects of legislation on businesses’ willingness to outsource security

services.

• The current and expected expansion of virtualised IT environments and cloud-based services among businesses.

• The current and expected penetration of security appliances among businesses. • The evolution of the threat landscape throughout the forecast period.

In Frost & Sullivan’s opinion, the bleak economic outlook of the EMEA region, in particular in Europe, has had little impact on the MSS market. It is actually believed that the sluggish economic environment has driven the adoption of MSS due to the need of having better cost controls.

(31)

Key Takeaway: Enterprises’ impediments to protect against targeted attacks with internal resources is driving the demand for MSS.

2011 2012 2013 2014 2015 2016 2017 2018 Revenue 2.27 2.62 3.03 3.46 3.91 4.40 4.92 5.50 Growth Rate - 15.6 15.4 14.1 13.1 12.6 11.9 11.7 0.0 2.0 4.0 6.0 8.0 10.0 12.0 14.0 16.0 18.0 0.00 1.00 2.00 3.00 4.00 5.00 6.00 Grow th Ra te ( % ) Re ven ue ($ Bi ll ion) Year

Total MSS Market—Revenue Forecast

Total MSS Market: Revenue Forecast, EMEA, 2011–2018 CAGR = 13.1%

(32)

Revenue Forecast Discussion

• Frost & Sullivan estimates that the MSS market reached $2.62 billion in EMEA in 2012. The market is expected to grow at a compound annual growth rate (CAGR) of 13.1% over the forecast period. • The majority of MSSPs interviewed for the purpose of this study estimated that the value of the

market in EMEA was within the $2 to $3 billion range.

• Some MSSPs were unable to give an estimate beyond the revenue their own company generated or

the value of the regional/country market where they operate.

• However, Frost & Sullivan has found, by aggregating the information, that company-specific, or country-specific estimates are, in most cases, in line with the range mentioned above.

• The market is expected to grow rapidly due to the increasingly complex threat landscape and the impediments organisations have to cost-effectively secure their infrastructure with internal

resources.

• Extensive media coverage on cyber espionage and security breach cases have placed managed security services high on the agenda of the top senior management of organisations.

• This awareness, coupled with MSSPs’ efforts to put security within a business context, will fuel the

growth for managed security services.

• A majority of MSSPs claim to have achieved revenue growth rates between 15% to 20% in 2012. A significant share of MSSPs also claimed that they will maintain these levels of growth over the forecast period.

(33)

Revenue Forecast Discussion (continued)

• However, when asked about the overall growth of the MSS market, various MSSPs expected the MSS market to grow between 12% to 15% over the next five years.

• From a segment standpoint, both CPE-based MSS and hosted MSS are expected to register double-digit growth rates throughout the forecast period.

• An increasing demand for, and the supply of, hosted-based MSS offerings are expected to result in

an expansion of the hosted MSS segment at a CAGR of 17.1%.

• When compared to the results of the 2012 MSS in EMEA study, the estimated value of the MSS market in 2012 is lower than Frost & Sullivan anticipated.

• The underlying reason for this is the change in the research scope, i.e., the exclusion of the

professional security services, which previously amounted to approximately 25% of the overall MSS market. A lower-than-expected growth rate for the base year—15.6% for 2012 instead of 18.4%— also contributed to the decrease of the estimated value of the MSS market.

• Growth rates for the forecast period are also lower than anticipated in the 2012 study. A slower-than expected-migration to cloud-based services has slightly postponed the exponential growth of the hosted MSS segment.

• Higher consumption of cloud-based services is believed to increase the readiness of organisations to adopt hosted MSS because they familiarise organisations with the delivery of IT services based on off-premises equipment.

(34)

Total MSS Market: Price Factors, EMEA, 2012

Key Takeaway: The value of a yearly contract widely varies depending on a number of factors

that range from SLAs through delivery mode to the types of services.

Annual Contract Sizes Range between Tens of

Thousands Dollars to Single-digit Million-dollar Figures Geographic Coverage Degree of Involvement Type of Service Number of Users/Devices Service-level Agreements (SLAs) Integration of Other Managed Services Delivery Mode

Total MSS Market—Pricing Factors

(35)

Pricing Discussion

• Multiple factors determine the annual value of a MSS contract. SLAs, which are broadly defined by

parameters such as average response time to security events and average response time to service

failures, vary according to different service packages—for example, standard or premium—offered by MSSPs.

• Higher guaranteed service parameters are, naturally, reflected in higher contract values.

• The delivery mode, CPE-based, or hosted—shared or dedicated; the degree of involvement, from monitoring the log stream of security devices or managing them; the type of service, which may include the monitoring/management of a firewall, IPS/IDS, AV/AS/CF, endpoints, UTM, SIEM, among others; and the corresponding number of devices/users influence the size of the annual contracts.

• Customers’ geographical footprint—be it global, regional, or local—and the corresponding

requirements regarding regulatory compliance and the possibility of shoring, also have an effect on

the annual contract size.

• Other factors such as length of the subscription service and the integration with other services— managed, professional/technical security, or system integration—affect the annual contract size. • One-off set-up fees, either per site or per device, can also be part of the annual contract.

• The integration with other services and greater volume of monitored/managed devices often results in price discounts.

(36)

Pricing Discussion (continued)

• Price discounts are applied depending on the core business of the MSSP. If the MSSP is a security specialist, pricing discounts often apply to professional and technical security services to attract new customers.

• In contrast, if the MSSP is an ITSP or CSP, pricing discounts often apply to the MSS offer itself, as MSS is only a part of a larger managed services/system integration deal.

• While the annual contract value for a SMB typically ranges between $20,000 to $200,000, the annual contract value for a large enterprise on average varies between $200,000 and $3 million. • Frost & Sullivan’s research indicates that, on the overall MSS market, price pressures have not been

severe, but a majority of MSSPs expect price pressures to intensify in the forecast period. • Until now, competitive pressures tend to be more customer and vertical-segment specific.

• SMBs, which are driven by regulatory compliance to adopt MSS, tend to ask for relatively low prices for the scope of services they demand.

• Likewise, local public institutions tend to push MSSPs to lower their price points considerably given the quality of service they require.

• Frost & Sullivan expects, however, that by the end of the forecast period, the commoditisation of MSS and competitive pressures will drive down the price of MSS offerings.

(37)

Key Takeaway: The United Kingdom and Germany represent the largest markets and growth opportunities for MSSPs. 2011 2012 2013 2014 2015 2016 2017 2018 Others* 605.5 702.4 812.4 928.1 1,050.7 1,183.7 1,326.0 1,481.8 MEA 224.1 260.0 301.5 345.9 392.3 443.0 497.2 557.0 Benelux 157.1 180.4 207.1 235.0 264.5 296.8 331.9 369.5 Nordics 163.3 188.9 218.3 249.5 282.5 318.5 357.2 399.7 France 292.6 338.0 388.4 442.0 498.8 560.0 623.8 694.7 Germany 411.1 474.5 546.9 624.4 706.0 794.6 889.3 993.1 UK 416.6 480.3 552.8 630.6 712.7 802.2 897.7 1,002.5 0.0 1,000.0 2,000.0 3,000.0 4,000.0 5,000.0 6,000.0 Re ven ue ($ M il li on) Year

*Others include Italy, Spain, ACH, CEE, and Rest of Europe.

Total MSS Market—Revenue Forecast by Region

Total MSS Market: Revenue Forecast by Region, EMEA, 2011–2018

(38)

Regional Revenue Forecast Discussion

• Frost & Sullivan estimates that the United Kingdom and German MSSP markets reached $480.3 and $474.5 million, respectively, in 2012.

• It is expected that the UK market will grow at a CAGR of 13.0% from 2012 to 2018. Likewise, it is forecasted that the German market will expand at a CAGR of 13.1%.

• A comparatively high readiness of organisations in the United Kingdom and Germany to adopt MSS explains the market size and the relatively rapid growth of these countries.

• France ranks third in the EMEA region in terms of size. Frost & Sullivan estimates that the French MSS market reached $338.0 million in 2012.

• Although the size of the French MSS market is expected to increase at a healthy growth rate, at a

CAGR of 12.8%, Frost & Sullivan believes that misperceptions around data privacy laws will deter the adoption of MSS among certain organisations, mainly financial institutions and public sector organisations.

• Organisations in the Nordics ($188.9 million), Benelux ($180.4 million), and ACH ($155.7 million) exhibit similar characteristics, namely a high preparedness for adopting MSS and a willingness to go beyond compliance and truly mitigate IT security risks.*

• In contrast, organisations in Spain and Portugal ($161.4 million), as well as Italy ($155.4 million) have shown a lower willingness and preparedness to adopt MSS, hence the comparatively small market size of these countries.*

(39)

Regional Revenue Forecast Discussion (continued)

• Unlike in Italy, organisations in Spain seem to be more prone to adopt MSS over the forecast period, resulting in a fast-developing Spanish MSS market.

• Frost & Sullivan estimates that the MSS market in the CEE and MEA generated $156.6 and $260.0 million in 2012, respectively.

• Frost & Sullivan expects the MSS market in CEE and MEA to grow at above-average growth rates for the EMEA region.

(40)

*A list of “Other” vertical markets can be found in the appendix.

Key Takeaway: The healthcare, manufacturing, and technology verticals will fuel MSS market growth.

2011 2012 2013 2014 2015 2016 2017 2018 Others* 457.2 527.1 607.5 692.3 779.0 872.5 970.6 1,074.7 Technology 158.4 185.4 216.3 249.6 284.9 322.5 363.5 409.1 Manufacturing 330.4 390.4 457.8 532.8 613.9 701.6 794.6 898.4 Healthcare 294.6 345.7 405.1 471.3 542.5 620.8 705.6 800.2 Government 394.5 452.6 517.7 583.3 653.0 728.4 805.8 889.6 Financial Services 635.0 723.3 823.2 926.1 1,034.3 1,152.9 1,283.0 1,426.2 0.0 1,000.0 2,000.0 3,000.0 4,000.0 5,000.0 6,000.0 Re ven ue ($ M il li on) Year

Total MSS Market—Revenue Forecast by Vertical Market

Total MSS Market: Revenue Forecast by Vertical Market, EMEA, 2011–2018

(41)

Vertical Market Revenue Forecast Discussion

• The financial services segment constitutes the largest vertical market for MSS. Frost & Sullivan estimates that in 2012, the financial services segment represented $723.3 million for MSSPs.

• Overall, regulatory and industry compliance has driven the adoption of MSS in the financial services segment.

• A number of MSSPs revealed that an increasing number of banks, and in particular insurance service providers, are adopting MSS in order to minimise fraud and customer data breaches.

• Frost & Sullivan expects that the financial services segment will expand at a 12.0% CAGR from

2012 to 2018.

• Regulatory compliance has also driven the adoption of MSS among institutions in the public sector. Frost & Sullivan estimates that the government segment generated $452.6 million in 2012.

• Limited IT budgets from local governments and government agencies is likely to put price pressure on the MSS market.

• Frost & Sullivan expects the government segment will grow at a healthy, yet relatively moderate CAGR of 11.9%.

• Organisations in the healthcare ($345.7 million), manufacturing ($390.4 million), and technology ($185.4 million) verticals have engaged in a partnership with MSSPs driven by the need to protect their intellectual property (IP) and comply with relevant regulations.

• A majority of MSSPs concur that the proliferation of advanced persistent threats (APTs) will significantly drive their business in the healthcare, manufacturing, and technology verticals as organisations in these verticals turn to them to mitigate IT security risks.

(42)

Vertical Market Revenue Forecast Discussion (continued)

• Frost & Sullivan estimates the CAGR of the healthcare segment at 15.0%, manufacturing segment at 14.9%, and technology at 14.1%.

• Other prominent verticals for MSSPs are energy (oil and gas), utilities, retail and consumer, media

and entertainment, and business services.

• Critical infrastructure protection programs have driven the adoption of MSS for energy and utilities verticals. Frost & Sullivan estimates that these two verticals, combined, generated a revenue of approximately $350 million for MSSPs in 2012.

• Regulatory compliance has been a major factor in accelerating the adoption of MSS among the retail and consumer segments. Frost & Sullivan calculates that the value of the retail and consumer segments ranges between $180 and $200 million in 2012.

• Organisations in the media and entertainment, and business services—in particular legal and

consulting services—segments have adopted MSS to protect their IP, and, in many instances, the IP of their customers. Frost & Sullivan believes the combined value of these two segments is

approximately $180 million in 2012.

• MSSPs recognise that is fundamental to have in-depth knowledge on the applicable regulations in a

vertical, the specifics that an IT infrastructure may have in that vertical, and the role this

infrastructure plays within a business context. However, a majority of MSSPs expressed that the core of their MSS offering does not change considerably from one vertical to another.

• MSSPs typically exhibit stronger performance in two or three selected verticals. The financial services tends to rank high in the MSSPs’ revenue split by vertical.

(43)

(44)

Key: SMB—Small to Medium Business: fewer than 1,000 users. Enterprise—Greater than 1,000 users.

Key Takeaway: MSSPs continue to predominantly target large enterprises.

SMB 20.6%

Enterprise 79.4%

Total MSS Market—Penetration Analysis

Per cent Sales Breakdown Total MSS Market: EMEA, 2012

(45)

2011 2012 2013 2014 2015 2016 2017 2018 SMB 0.47 0.54 0.62 0.71 0.81 0.91 1.02 1.14 Enterprise 1.80 2.09 2.40 2.74 3.10 3.49 3.90 4.36 0.00 1.00 2.00 3.00 4.00 5.00 6.00 Re ven ue ($ Bill ion ) Year

Total MSS Market—Penetration Analysis (continued)

Total MSS Market: Revenue Forecast by Business Size, EMEA, 2011–2018

Note: All figures are rounded. The base year is 2012. Source: Frost & Sullivan Key: SMB—Small to Medium Business: fewer than 1,000 users. Enterprise—Greater than 1,000 users.

(46)

Total MSS Market—Penetration Analysis Discussion

• Frost & Sullivan’s research indicates that enterprises constitute 79.4% of the MSS market.

• It is expected that the share of the enterprise segment will remain practically unchanged by the end

of the forecast period, at 79.2% in 2018.

• Enterprises with a global footprint have predominantly been the early adopters of MSS. • Challenges around monitoring and managing security appliances in a globally dispersed IT

infrastructure makes MSS a compelling alternative for multinational corporations.

• Within the enterprise segment, several trends are, and will continue, shaping the demand of MSS:

o As targeted attacks become more complex and stealthy, enterprises seek solutions in MSS offerings that mitigate these types of risks.

o Pioneering enterprises increasingly value proprietary technologies or features specific to a MSSP, such as a large base of customers or installed network, that help detect targeted attacks, when choosing a MSS offering.

o Pioneering enterprises have expanded the concept of IT security from “enterprises-protection”

to “value chain-protection.” The demand for MSS offerings that cover enterprises and

enterprises’ third-parties is expected to augment.

o With time, more enterprises will follow the path set by their pioneering peers.

o Overall, enterprises increasingly require MSSPs to have a more prominent role in their IT security management as well. MSSPs are shifting away from alerting and providing

(47)

Total MSS Market—Penetration Analysis Discussion

(continued)

o Moreover, it is expected that many enterprises will adopt a hybrid-MSS approach, where they engage with a MSSP only for certain parts of their security architecture.

o The hybrid approach is driven by the need of some enterprises to preserve large investments in security assets, or to comply with vertical market requirements or policies that obligate them to keep security operations in-house.

o The demand for comprehensive, customised, and real-time reporting tools attached to a MSS offering is also on the rise.

o The need for better and more informed governance practices, as well as stricter and more specific

regulations are major drivers of reporting tools.

o In line with the above mentioned trends, MSSPs progressively focus on converting the data of

security events into actionable information, upon which managers at different levels of an enterprise can assess the effect of IT security in their business operations.

o The migration of enterprises IT architectures towards cloud-based environments is expected to drive the demand of hosted MSS, too.

(48)

MSS Market—Penetration Analysis Discussion (continued)

• Frost & Sullivan estimates that the SMB segment represented 20.6% of the EMEA MSS market in 2012, and expects that it will slightly increase to 20.8% by 2018.

• Segregating the SMB segment, Frost & Sullivan calculates that medium businesses (100 to 999

employees) and small businesses (up to 99 employees) represented 17.5% and 3.1% of the MSS market, respectively, in 2012.

• Various MSSPs admitted to having rejected requests from small business at some instance because of the complexity of providing the service required within the limited budgets of SMBs. • Although the SMB segment is forecasted to grow at a CAGR of 13.3%, Frost & Sullivan believes

that much of the grow will concentrate on medium businesses.

• Despite the forecast that the number of SMBs that will adopt MSS will increase exponentially, competitive pressures and limited IT budgets will likely keep the prices of MSS offerings for this segment low.

• Therefore, in Frost & Sullivan’s opinion, the sharp increase of the number of SMBs adopting MSS will not necessarily translate into exponential growth of the value of SMBs segment.

• The main trend shaping the demand of MSS among SMBs is the uptake of MSS offerings bundled with other IT or communication services.

• From a vertical market standpoint, early adopters of MSS can be found in the consulting and legal business services, as well as the online commerce and gaming industries.

(49)

Market Share and Competitive Analysis—

Total MSS Market

(50)

n = 65

Key Takeaway: Although the MSS market has reached maturity, it remains fragmented.

*A list of “other” companies can be found in the appendix.

BT 7.5% IBM 7.3% OBS 7.1% T-Systems 5.9% HP 5.9% Verizon 5.6% Atos 4.0% Telefónica 3.0% *Others 53.7%

Competitive Analysis—Market Share

Per cent of Sales

(51)

Companies Revenue (%) BT 7.5 IBM 7.3 OBS 7.1 T-Systems 5.9 HP 5.9 Verizon Business 5.6 Atos 4.0 Telefónica 3.0 Others* 53.7 Total 100.0

Total MSS Market: Company Market Share Analysis of Top Eight

Participants, EMEA, 2012 • It is interesting to note that the top 8 MSSPs are

well-established SPs in the telecom and IT space. • This indicates a propensity among organisations

to include MSS within larger managed services or outsourcing deals.

• All the top 8 MSSPs have a global footprint,

provide services from at least 2 SOCs, and

primarily target multinational corporations. • BT, OBS, T-Systems, and Telefónica have all a

strong foothold in their local markets, namely the United Kingdom, France, Germany, and Spain, respectively.

• The US-based MSSPs—IBM, HP, and Verizon Business—enjoy recognition as leading global MSSPs, hence their success in EMEA.

Market Share Analysis

*A list of “other” companies can be found in the appendix. Note: All figures are rounded. The base year is 2012. Source: Frost & Sullivan

(52)

Total MSS Market: Competitive Structure, EMEA, 2012 Number of Companies in the Market 65 with revenue greater than $1 M

Competitive Factors Reputation, number of security professionals and their certifications, partnerships and accreditations, pre-sales customer services, service-level agreements (SLAs)

Key End-user Groups Financial services, government, manufacturing, healthcare,

technology

Major Market Participants BT, IBM, OBS, T-Systems, HP, Verizon Business, Atos, Telefónica

Market Share of Top 8 Competitors 46.3%

Other Notable Market Participants Unisys, CGI, Dell SecureWorks, AT&T, BAE Detica Systems, Symantec, Open Systems, Dimension Data, Integralis,

SecureData, Swisscom, Accumuli, Above Security, Sentor Distribution Structure Primarily direct sales

Notable Acquisitions and Mergers CGI acquired Logica

Competitive Environment

(53)

Key Takeaway: Currently MSSPs can be grouped in three competitive groups, namely security specialists, ITSPs, and CSPs.

ITSPs CSPs

Security Specialists • Strong, large portfolio of

proprietary technologies in security.

• Differentiation through network

and device independence.

• Some key participants:

o Above Security

o Accumuli

o BAE Systems Detica

o Dell SecureWorks o Integralis o Open Systems o SecureData o Sentor o Symantec

• Strong value proposition in data centre and managed IT services.

• Differentiation through

bundling MSS with other IT

services.

o Atos o CGI o Dimension Data o HP o IBM o Unisys o Wipro

• Strong value proposition in connectivity and managed network services.

• Differentiation through

security network expertise.

o BT o Belgacom o KPN o OBS (Orange) o Swisscom o T-systems (Deutsche Telekom) o Telefónica

Competitive Landscape

(54)

Key Takeaway: Security specialists will differentiate into niche markets and competition among ITSPs and CSPs will intensify.

ITSPs CSPs

Security Specialists

The proliferation of cloud environments will blur the boundaries between

ITSPs and CSPs.

• Security specialists have a competitive edge in delivering high-quality professional and

technical security services.

• Network and device

independence will continue being key differentiators. • Expertise in areas such as

IAM, DLP, SIEM, and mobile endpoint security will also be key differentiators.

• A majority of security

specialists will remain focused on the CPE-based MSS

market.

• Expansion of the IT arms from CSPs and cloud computing will increasingly eliminate the difference between CSPs and ITSPs. • As competition increases, ITSPs and CSPs may acquire

smaller security specialists to obtain key technology assets and security professionals, who are in short supply.

• Deriving security intelligence from the large customer base and infrastructure will be a key success factor for these service providers.

Competitive Landscape (continued)

(55)

Driving MSS Adoption Driving the Sales Force Hiring, Retaining Resources Building Brand Awareness

Frost & Sullivan lists some of the most common challenges faced by MSSPs. Certain challenges tend to be more collective within certain groups of MSSPs as explained below:

• Demonstrating value and convincing the decision makers at different levels of an organisation of the advantages of MSS remains a challenge.

• Flexibility and a hybrid approach, whereby the MSSP takes only a part of the security architecture, have lessened the magnitude of this challenge.

• A majority of MSSPs suffer from relatively low brand awareness on a global

scale. As MSS increasingly involves threat intelligence, the need to be recognised as a global MSSP will be greater.

• CSPs and security specialists more frequently face this challenge.

• Some ITSPs and CSPs struggle to stimulate their sales force to push MSS. • The underlying reasons can be poor knowledge by the sales force on the MSS

offering or a lack of a proper system of incentives.

• Having a dedicated sales force to security services or security experts performing business development roles can help to address this challenge. • Like the enterprises, MSSPs find it challenging to hire and retain highly-skilled

resources.

• Besides the typical incentives of an HR strategy, MSSPs consider strategic acquisitions to enlarge their human resource base.

MSSPs’ Challenges

(56)

(57)

Important Segment Characteristics

Factors Assessment Trend Opportunity Size

($B) 1.91

▲

Primary Needs

Expertise, support to security devices from multiple vendors

---

Price Sensitivity Medium

▲

Demand for

Innovation Medium

▲

Market Share 72.8%

▼

Key Takeaway: MSSPs predominantly deploy CPE-based MSS.

TREND

Decreasing Stable Increasing

▼

_●

▲ _{*A list of “Others” can be found in the}_appendix_.

Firewall 31.6% IPS/IDS 17.5% SIEM 10.7% AV/AS/CF 9.4% IAM 7.9% UTM 7.4% Others* 15.5%

CPE-based MSS Segment Breakdown

Per cent Revenue by Service

CPE-based MSS Segment: EMEA, 2012

(58)

MEASUREMENT NAME MEASUREMENT TREND

Segment Stage Mature

—

Segment Revenue (2012) $1.91 B

▲

Segment Forecast (2018) $3.65 B

▲

Base Year Segment Growth Rate 13.4%

▼

Compound Annual Growth Rate (CAGR, 2012–2018) 11.4%

—

Price Sensitivity (scale of 1 to 10, Low to High) 6

▲

Degree of Competition (scale of 1 to 10, Low to High) 6

▲

Degree of Technical Change (scale of 1 to 10, Low to High) 7

▲

Customer Loyalty (scale of 1 to 10, Low to High) 9

●

CPE-based MSS Segment: Market Engineering Measurements, EMEA, 2012

CPE-based MSS Segment—Market Engineering

Measurements

Note: All figures are rounded. The base year is 2012. Source: Frost & Sullivan TREND

(59)

Key Takeaway: Despite CPE-based MSS having reached maturity, this segment is expected to maintain double-digit growth rates throughout the forecast period.

2011 2012 2013 2014 2015 2016 2017 2018 Revenue 1.68 1.91 2.16 2.43 2.70 3.00 3.31 3.65 Growth Rate - 13.4 13.3 12.2 11.3 10.9 10.4 10.3 0.0 2.0 4.0 6.0 8.0 10.0 12.0 14.0 16.0 0.00 0.50 1.00 1.50 2.00 2.50 3.00 3.50 4.00 Grow th Ra te ( % ) Re ven ue ($ Bill ion ) Year

CPE-based MSS Segment—Revenue Forecast

CPE-based MSS Segment: Revenue Forecast, EMEA, 2011–2018 CAGR = 11.4%

(60)

CPE-based MSS Segment—Revenue Forecast Discussion

• The CPE-based MSS segment is expected to grow at a CAGR of 11.4%, which is at lower pace than the overall market.

• Frost & Sullivan estimates that the CPE-based MSS segment’s share will slightly decrease from 72.8% of the market in 2012 to 66.5% in 2018.

• From a MSSP standpoint, CPE-based MSS generates practically the entire revenue associated with MSS for security specialists.

• A majority of MSSPs expressed that success in the CPE-based MSS segment largely depends on the ability to demonstrate to customers how MSSPs can obtain value from the existing investments

(61)

*A list of “Others” can be found in the appendix.

Key Takeaway: Increasing demand for SIEM, endpoint security, IAM, and UTM will characterise the CPE-based MSS segment.

2011 2012 2013 2014 2015 2016 2017 2018 Others* 254.8 296.7 345.0 399.1 457.8 522.6 588.4 660.6 UTM 121.5 140.5 162.6 187.3 213.9 242.1 273.3 307.6 IAM 128.7 150.1 174.7 201.9 230.9 261.6 295.9 333.9 AV/AS/CF 156.7 180.1 205.4 232.2 260.1 290.1 322.4 357.0 SIEM 173.7 203.9 239.2 279.6 321.2 366.3 414.2 467.7 IPS/IDS 303.6 334.6 368.4 398.6 429.1 461.7 496.7 534.2 Firewall 545.9 604.7 669.3 730.5 790.9 855.6 922.4 992.7 0.0 500.0 1,000.0 1,500.0 2,000.0 2,500.0 3,000.0 3,500.0 4,000.0 Re ven ue ($ M il li on) Year

CPE-based MSS Segment—Revenue Forecast by Service

CPE-based MSS Segment: Revenue Forecast by Service, EMEA, 2011–2018

(62)

CPE-based MSS Segment—Revenue Forecast by Service

Discussion

• Traditional security appliances—firewall and IPS/IDS—still represent the largest share of CPE-based MSS.

• However, Frost & Sullivan expects that the CPE-based firewall share will decrease from 31.6% in 2012 to 27.2% in 2018.

• Likewise, Frost & Sullivan estimates that CPE-based IPS/IDS share will decline from 17.5% in 2012 to 14.6% by the end of the forecast period.

• In contrast, the share of AV/AS/CF in the CPE-based segment will slightly increase from 9.4% in the

base year to 9.8% in 2018.

• The demand for CPE-based IAM, UTM, and endpoint security will rapidly increase over the forecast period.

• Frost & Sullivan forecasts that IAM, UTM, and endpoint security will grow at a CAGR from 2012 to 2018 of 14.3%, 14.0%, and 14.6%, respectively.

• Growth of SIEM will be particularly high. Frost & Sullivan estimates that SIEM will increase from 10.7% of the CPE-based segment in 2012 to 12.8% 2018, representing a CAGR of 14.8%. • Within the others category, the demand for CPE-based DLP is expected to expand rapidly.

(63)

(64)

Important Segment Characteristics

Factors Assessment Trend Opportunity Size

($M) 713.9

▲

Primary Needs

Flexibility, clear, and transparent practices from the MSSP

---

Price Sensitivity Medium

▲

Demand for

Innovation Medium

▲

Market Share 27.2%

▲

Key Takeaway: Hosted MSS segment represents a small but increasing share of the market.

TREND

▼

_●

▲ *A list of “Others” can be foundin theappendix.

Firewall 26.0% IPS/IDS 16.6% SIEM 15.6% AV/AS/CF 24.8% IAM 7.1% Others* 9.9%

Hosted MSS Segment Breakdown

Per cent Revenue by Service Hosted MSS Segment: EMEA, 2012

(65)

Segment Stage Growth

—

Segment Revenue (2012) $713.9 M

▲

Segment Forecast (2018) $1.84 B

▲

Base Year Segment Growth Rate 22.0%

▲

Compound Annual Growth Rate (CAGR,2012–2018) 17.1%

—

Price Sensitivity (scale of 1 to 10, Low to High) 7

▲

Degree of Competition (scale of 1 to 10, Low to High) 6

▲

Customer Loyalty (scale of 1 to 10, Low to High) 9

●

Hosted MSS Segment: Market Engineering Measurements, EMEA, 2012

Hosted MSS Segment—Market Engineering Measurements

TREND

▼

_●

▲

(66)

Key Takeaway: Virtualisation, cloud computing, and cost controls are driving the adoption of hosted MSS. 2011 2012 2013 2014 2015 2016 2017 2018 Revenue 585.3 713.9 862.8 1,026.3 1,203.5 1,398.8 1,609.9 1,844.7 Growth Rate - 22.0 20.9 18.9 17.3 16.2 15.1 14.6 0.0 3.0 6.0 9.0 12.0 15.0 18.0 21.0 24.0 0.0 400.0 800.0 1,200.0 1,600.0 2,000.0 Grow th Ra te ( % ) Re ven ue ($ M il li on) Year

Hosted MSS Segment—Revenue Forecast

Hosted MSS Segment: Revenue Forecast, EMEA, 2011–2018 CAGR = 17.1%

(67)

Hosted MSS Segment—Revenue Forecast Discussion

• Almost all MSSPs reported a high growth of hosted MSS and they expect this to continue for the next five years.

• Frost & Sullivan estimates that the hosted MSS segment’s share will increase from 27.2% of the market in 2012 to 33.5% in 2018.

• CSPs and ITSPs seem to have taken the lead in deploying hosted MSS and they are expected to maintain an edge in this segment thanks to their strong value proposition in infrastructure and network services.

• While reducing capital expenditures is one of the main motivations for organisations to engage in hosted MSS, MSSPs highlighted the importance of having clear set of policies for data management and SLAs to convince potential customers to outsource part of their IT security operations.

(68)

*A list of “Others” can be found in the appendix.

Key Takeaway: Organisations will increasingly demand hosted MSS AV/AS/CF.

2011 2012 2013 2014 2015 2016 2017 2018 Others* 53.7 70.7 94.0 119.1 146.1 174.4 206.5 242.4 IAM 40.3 50.5 61.8 74.5 88.3 103.7 120.3 138.5 AV/AS/CF 145.4 177.3 214.5 255.3 299.7 349.6 402.3 461.9 SIEM 91.0 111.3 134.9 162.0 191.6 222.7 257.1 295.9 IPS/IDS 99.8 118.5 139.1 161.0 185.0 211.8 242.0 276.3 Firewall 155.1 185.4 218.6 254.2 292.8 336.7 381.7 429.6 0.0 300.0 600.0 900.0 1,200.0 1,500.0 1,800.0 2,100.0 Revenu e ($ M il li on) Year

Hosted MSS Segment—Revenue Forecast by Service

Hosted MSS Segment: Revenue Forecast by Service, EMEA, 2011–2018

(69)

Hosted MSS Segment—Revenue Forecast by Service

Discussion

• Demand for AV/AS/CF dominates in the hosted MSS segment. Frost & Sullivan expects that the revenue generated by AV/AS/CF will more than double within the forecast period.

• In terms of percentages, the share of AV/AS/AF within the hosted MSS segment will slightly increase from 24.8% to 25.0%.

• IAM and anti-DDoS are also expected to expand rapidly within the hosted MSS segment thanks to the advantages of deploying these solutions in the cloud.

• Frost & Sullivan estimates that revenue derived from hosted anti-DDoS can surpass the $100 million mark by the end of 2018.

• The need of protecting clients’ infrastructure from malicious traffic even before that traffic reaches their infrastructure is the major driver of hosted anti-DDoS.

• Hosted firewall and IPS/IDS also have a significant share of the segment, representing 26.0% and 16.6% in 2012, respectively.

• Although the share of hosted firewall and IDS/IPS will slightly decrease, Frost & Sullivan believes that both services will still experience double-digit growth rates throughout the forecast period.

(70)

(71)

2 Hybrid models will Prevail:

Organisations will be increasingly inclined to

outsource security through CPE or hosted delivery modes. However, many

of these organisations will still keep parts of their security operations

in-house, therefore, MSSPs should have flexible offerings.

3 Consolidation of the MSS Market:

The market is expected to

consolidate, bringing increasing competition and price pressures.

1 Broadening of the MSS Concept:

Security intelligence, threat analysis,

and proactive incident response will become standard elements of the

MSS offerings.

The Last Word—Predictions

(72)

2 Adopt a Risk-based Approach:

MSSPs should understand the business

context specific to a client, the risks the client is exposed to, and deliver

MSS accordingly.

3 Seek Potential Merger and Acquisition (M&A) Targets:

The market is

expected to consolidate and the acquisition of human talent, technologies,

or customer accounts will be crucial in the coming years.

1 Foster Brand Identity and Awareness:

A majority of MSSPs suffer from

low brand awareness outside their niche markets, regions of presence, or

traditional industries. MSS is a global business, hence it is key to build a

global brand.

The Last Word—Recommendations

(73)

Frost & Sullivan takes no responsibility for any incorrect information supplied to us by

manufacturers or users. Quantitative market information is based primarily on interviews and

therefore is subject to fluctuation. Frost & Sullivan research services are limited publications

containing valuable market information provided to a select group of customers. Our

customers acknowledge, when ordering or downloading, that Frost & Sullivan research

services are for customers’ internal use and not for general publication or disclosure to third

parties. No part of this research service may be given, lent, resold or disclosed to

noncustomers without written permission. Furthermore, no part may be reproduced, stored

in a retrieval system, or transmitted in any form or by any means, electronic, mechanical,

photocopying, recording or otherwise, without the permission of the publisher.

For information regarding permission, write to:

Frost & Sullivan

331 E. Evelyn Ave. Suite 100

Mountain View, CA 94041

(74)

(75)

One of Frost & Sullivan’s core deliverables

is its Market Engineering studies. They are

based on our proprietary Market

Engineering Methodology. This approach,

developed across the 50 years of

experience assessing global markets,

applies engineering rigor to the often

nebulous art of market forecasting and

interpretation.

A detailed description of the methodology

can be found

here

.

Market Engineering Methodology

(76)

Market Stage (Nascent, Growth, Mature) Mature

—

Market Revenue (2012) $2.62 B

▲

Average Package Deal Size $310,000

●

Market Size at End of Forecast Period (2018) $5.50 B

▲

Base Year Market Growth Rate 15.6%

▲

Compound Annual Growth Rate (CAGR, 2012–2018) 13.1%

—

Customer Price Sensitivity (scale of 1 to 10, Low to High) 6

● ▲

Market Concentration (% of base year market controlled by top three

competitors) 21.9%

▼

Market Overview

TREND

▼

_●

▲

Market Engineering Measurements

(77)

Number of Competitors (active market competitors in base year) 65

●

Number of Companies that Exited in Base Year* 0

●

Number of Companies that Entered in Base Year* 0

● Competitor Overview

Total Addressable Market

Replacement Rate (average contract period for MSS) 3.2 years

●

Average Renewal Rate (per customer) 96.1%

▲

Average Product Development Time 9 Months

▼

Industry Advancement

*Companies with revenue of more than $1 M revenue.

Market Engineering Measurements (continued)

TREND

▼

_●

▲

(78)

• Above Security • Accenture

• Accumuli Security • AT&T

• BAE Systems Detica • Belgacom SA • Computacenter • Dell SecureWorks • Dimension Data • HCL Technologies • Integralis • KPN • Open Systems • Sentor • Secure Data • Symantec • Tata Communications • Unisys • Wipro

Partial List of Other Companies Included for Market Sizing

Purposes

(79)

List of all vertical markets included in “Others” for Total MSS Market—Revenue Forecast by Vertical Market

• Business services (including legal)

• Consumer • Energy • Entertainment • Gaming • Media • Retail • Utilities

List of services included in “Others” for MSS Segment Breakdowns • Anti-DDoS

• DLP

• Endpoint Security

• Managed virtual private networks (VPNs) • Network Access Control

List of Items Included in “Others”

(80)

80 M953-74

APAC Asia Pacific

AV/AS/CF Antivirus/Antispyware/Content Filtering BT BT Global Services

CAGR Compound Annual Growth Rate

CAPEX Capital Expenditure

CPE Customer Premises Equipment CSP Communication Service Provider DDoS Distributed Denial of Service DNS Domain Name Server

DLP Data-loss Prevention

EMEA Europe, Middle East, Africa

IAM Identity Access Management

IDS/IPS Intrusion Detection System/Intrusion Prevention System IPAM IP Address Management

Table of Acronyms Used

(81)

ISP Internet Service Provider

ITSP Data Centre Service Providers and System Integrators LATAM Latin America

MSS Managed Security Service

MSSP Managed Security Service Provider NA North America

NOC Network Operating Centre OBS Orange Business Services

SIEM Security Information and Event Management SLA Service-level Agreement

SMB Small and Medium Business SOC Secure Operating Centre UTM Unified Threat Management VAR Value-added Reseller

VPN Virtual Private Network