• No results found

MANAGED SECURITY SERVICES (MSS)

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "MANAGED SECURITY SERVICES (MSS)"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

MANAGED SECURITY

SERVICES (MSS)

In many cases security requirements have

become part of compliance requirements, such as the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), and others. Additionally, the cost of cybercrime to

businesses is on the rise with the majority of this cost coming from web attacks and malicious code.

Motivations can vary, but cyber security readiness is becoming a must for most organizations regardless of their size or vertical.

The Cyber Security Initiative.

Cybercrime is becoming an important factor for CIOs and IT professionals, but also for CFOs,

compliance officers and business owners. The current cyber security threat landscape is

getting more and more complex and the decision of buying and implementing solutions to

defend against it can be quite challenging.

Source: Ponemon Institute – First Annual Cost of Cyber Crime Study. 2010

Costs to

Business

from Cyber

Crime

$35,514

$4,781

$124,083

$143,209

$100,300

Phishing, Social Engi-neering

Virus, Worms, Trojans, Botent, Malware

Web Attacks

(2)

The Case for Managed Security Services

The threat landscape is an ever-changing one. Hackers are continuously coming up with new

tactics and exploring new vulnerabilities in today’s fluid IT environments. While on-premise

Security Information and Event Management (SIEM) systems provide a certain level of

protection through log collection and management, they require significant in-house expertise

and continuous training and education. Staffing can also be challenging, as monitoring critical

IT assets on a 24/7 basis requires a high level of specialized staffing.

Outsourcing your security requirement can be a tough decision to make, but for many organizations it makes business sense. Here are a few reasons why you should consider it:

• Staying up to date on the latest security threats can be mission impossible if you don’t have a dedicated staff for it. Monitoring and protecting your IT assets from cyber attacks is the core expertise offered by Managed Security Service Providers (MSSPs).

• MSSPs security experts’ teams will vet all the alerts produced by the various devices that you may have

in your infrastructure to the handful of events that your team needs to deal with, thus reducing cost while increasing efficiency.

• The initial and continuous infrastructure and staffing investment in a security solution can be daunting to some businesses. But even if you can afford that, outsourcing your security services can slash your investment by a significant margin depending on the size of your infrastructure. That should allow you to get the best protection possible and still have the budget to invest in your core business. $1,600,000 $1,200,000 $800,000 $400,000 $0

1 Year 3 Years 5 Years

In-House Cyber Security Cost Above Security Cost $544,300 $144,000 $1,040,750 $1,593,000 $648,000 $396,000

Cyber Security Monitoring Costs

(3)

MONITORING 1 YEAR 3 YEARS 5 YEARS

Recruitment fees for specialized resources $22,500 $22,500 $22,500

2 full-time employees $150,000 $450,000 $750,000

Staff management (15% annual salary of the manager) $15,000 $45,000 $75,000 Specialized training ($3,000/year/employee) $6,000 $12,000 $18,000

Subtotal (HR) $193,500 $529,500 $865,500

3 IDS/IPS sensors and management console $154,000 $154,000 $154,000

IDS/IPS annual maintenance $30,800 $115,500 $231,000

Vulnerability scanner (software and server) $3,500 $10,500 $17,500

Log aggregation (SIEM appliance) $125,000 $125,000 $125,000

SIEM deployment (10% minimum) $12,500 $12,500 $12,500

SIEM annual maintenance $25,000 $93,750 $187,500

Total (HR & Hardware) $544,300 $1,040,750 $1,593,000

Implementation fees (3 sensors) $18,000 $18,000 $18,000

3 IDS/IPS sensors (3,500$/sensor/month) $126,000 $378,000 $630,000

Annual maintenance $0 $0 $0

Vulnerability scanner $0 $0 $0

Log aggregation $0 $0 $0

Total (Above Security) $144,000 $396,000 $648,000

Calculations for 2 employees providing support from

9 to 5 with 24/7 pager $400,300 $644,750 $945,000

Calculation for 5 employees providing 24/7

monitoring** $678,550 $1,439,000 $2,243,250

Savings vs. 24/7 Operations In-house

HUMAN RESOURCES

HARDWARE**

Outsourced (executed by Above Security)

* The details of these calculations can be provided upon request.

Minimum Savings

Cyber Security Monitoring Costs

for a Medium-Sized Business

** A two full time employees’ security team with 24/7 pager still exposes an organization to a significant security gap, a minimum of 5 employees is required to provide a real 24/7 monitoring coverage

• As an independent service provider an MSSP can oversee change control procedures to make sure that compliance with internal and external rules and regulations is maintained at all times.

• An MSSP can also help

maintaining all security devices up to date with the latest frame ware updates. Thus reducing your exposure to possible vulnerabilities in your network. • MSSPs are setup to manage

large infrastructures of many clients. Choosing a MSSP can provide a future-proof solution as they can match your business growth requirements seamlessly. • By selecting to work with

(4)

Standard Features of Above Security

Managed Security Service (MSS) include:

Incident Response Management – As soon as a security alert is

detected, a certified security analyst investigates the alert based on his or

her expertise and understanding of the client’s infrastructure. If the alert

is determined to be a threat to the client’s network, it will be escalated

according to the parameters established in conjunction with the client.

For a comprehensive assessment of your security needs and how Above Security can help you secure

your data and most critical assets at a fraction of the cost, call our toll free number at: 1-866-430-8166.

Intrusion Detection & Prevention Systems (IDS/IPS) – Networks

are monitored for malicious activities and policy violations, triggered

alerts are analyzed in real time, security incident reports are prepared

and security incidents are escalated according to the conditions

established in the escalation procedure.

Vulnerability Assessments – Vulnerabilities and weaknesses in the

network are identified and managed. A variety of network devices, e.g.

servers, appliances, applications and workstations, can be scanned

for vulnerabilities.

Log Management – Security-related log data is captured and analyzed

in order to identify security incidents, fraudulent activity, and operational

problems.

Event Correlation – Information from a variety of sources, e.g. security

logs, vulnerability scans, & IDS alerts, is evaluated to recognize event

patterns that may have a bearing on the organization’s security

posture.

Reporting – Regularly provided reports are a valuable method to provide

clients with more insights on the monitoring service, their security

posture, incidents which have been handled since the last report

(5)

About Above Security

Canada World Headquarters +1 450 430 8166 +1 866 430 8166 (toll-free) [email protected] USA

Above Security USA

+1 450 430 8166

+1 866 430 8166 (toll-free) [email protected]

Switzerland

Above Security Europe

+41 (0) 22 365 7510 [email protected]

United Arab Emirates Above Security Middle East

+971 481 37 758

[email protected]

With global operations and

References

Download now ( PDF - 5 Page - 441.15 KB )

Related documents

Exact Optimization Methods for the Mixed Capacitated General Routing Problem

This thesis is about using exact optimization algorithms to solve the routing problem known as the Mixed Capacitated General Routing Problem (MCGRP) that is a generalization of

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

A complete security program including round-the-clock management and monitoring, real-time security intelligence, global infrastructure as well as a team of 24/7

Between preferences and references: Evidence from Great Britain on asymmetric price elasticities

For example, the average geographical price per litre of X-Cola 1L+ is identical to the average unit values paid by purchasing households, since there is no quality heterogeneity in

SecurityDAM On-demand, Cloud-based DDoS Mitigation

24/7 dedicated team of DDoS security experts, providing real-time response and dynamic updates during attacks, while using the most up- to-date mitigation equipment. Ongoing DDoS

To advertise contact: Display / 853 / 854 Classifieds Fax:

With Facilities: Pool, Gym, Clubhouse & Kids Play Area, 24/7 Security & Maintenance.. With Facilities: Pool, Gym, Kids Play Area, 24/7 Security

Securing Critical Information Assets: A Business Case for Managed Security Services

Through their security operations centers (SOCs), MSS providers can offer management, monitoring, and support services 24 hours a day, 7 days a week, 365 days a year, compared

The Croatian Model of University Education for Health Professionals

The Croatian model of university education for health professionals will make sure that all procedures, speci- fied in the European and Croatian Qualification Frame- work

The Corporate Social Responsibility and Financial Performance Debate

simultaneously measures the specific financial implications of each individual dimension and responsible business practice.. Studies have yet to create such a