NEAT EVALUATION FOR UNISYS:
Managed Security Services
Market Segment: Overall
This document presents Unisys with the NelsonHall NEAT vendor evaluation for Managed Security Services (MSS) for the Overall market segment. It contains the NEAT graph of vendor performance, a summary vendor analysis of Unisys in MSS, and the latest market analysis summary for MSS. An explanation of the NEAT methodology is included at the end of the document.
The vendors evaluated are: Cognizant, CGI, CSC, CSS Corp, Dell SecureWorks, Dimension Data, HP, Mindtree, Symantec, Tata Consultancy Services (TCS), Unisys, and Wipro.
Introduction
NEAT Evaluation: Managed Security Services (MSS)
Vendor Analysis Summary for Unisys
Overview
In 2009, Unisys relaunched its entire portfolio around a number of key capabilities; cyber and physical security was one of four key pillars of the revamped portfolio.
Unisys operates its security operations from its eight security operations centers (SOCs), primarily via a follow the sun methodology and with onsite operations.
Unisys uses HP ArcSight in conjunction with its Unisys Noise Cancellation Advanced Analytics Platform (UNCAAP) for security information and event management.
In November 2008, Unisys launched its Stealth solution (initially developed for the U.S. defense sector with partner Security First) for government and commercial organizations. Stealth encrypts data across networks using bit splitting. Since its introduction Unisys has expanded the Stealth offering to include Stealth for mobile, the virtual terminal and AWS as well as introducing a reseller channel.
Financials
Unisys' global revenues in 2014 were $3,356m of which:
$2,786m was from services, and IT infrastructure outsourcing accounted for $1,705m
$571m was from technology.Q1-Q3 2015 service revenues were $1,957m, down 6.7% y/y, with IT infrastructure outsourcing revenues up 1% to $1,147m.
Full year 2015 services revenues are likely to be in the region of $2.7bn, with IT infrastructure outsourcing revenues around $1.65bn.
NelsonHall estimates that 2015 managed security services will be ~13% of the IM business, or ~$175m.
Of this, NelsonHall estimates that Unisys' managed security services revenue split, by activity, will be:
Security information and event management: 35% (~$61m)
Security monitoring and management: 30% (~$53m)
Threat and risk intelligence: 20% (~$35m)
Content filtering: 5% (~$9m)Strengths
The Unisys Noise Cancellation Advanced Analytics Platform (UNCAAP) correlates events, reduces the number of events that need to be processed and increases true positive rate. Combined with its strong presence in Bangalore, operational costs are reduced
Unisys is also in a position to provide a client's infrastructure and security services. Thisshould benefit the client and enable Unisys to enact threat resolutions more quickly and with more knowledge of the infrastructure
Unisys' Stealth solutions offer a different type of cyber security; rather than protecting against threats across a client's network, important data is safeguarded by making it effectively undetectable. Besides the benefit to the client that Stealth brings, with its increased security, it also requires the client to assess the sensitivity of each of its end points, a useful practice when considering cyber security
Value added services like the SIR report give clients a more in depth view of the vulnerabilities and malware that they could be affected by, in relation to their own infrastructure, software, and policies.Challenges
Due to the large amount of automation with event management processes using ArcSight and UNCAAP, a number of events marked as low level occasionally slip through analysis; this can sometimes lead to a delay in detecting events
Unisys is reliant on a number of large contracts, for example the contract with the large banking group (see Target Markets section)
The expansion of its reseller program for its IP adds competition for its Stealth offerings.Strategic Direction
In addition to continuing to develop its existing security clients, Unisys is looking to cross-sell its security services to systems integration and infrastructure services clients. It is also looking to increase take up of its security-as-a-service offerings, including SIEM and DLP services, both by existing clients and also by new logos.
There has been a recent push for security services leveraging Stealth around mobile, including its 'get to zero' initiative, which aims to reduce to zero the number of cyber security incidents affecting a client.
Outlook
Unisys positions as a full service IT service vendor, with its managed security services being cross-sold by its data center and SI clients.
One of Unisys' core areas is cyber and physical security across its portfolio; the company's ClearPath systems boast a low number of vulnerabilities.
Unisys is likely to continue growing its managed security services as a proportion of its overall Services revenues. NelsonHall expects revenues from the Unisys managed security services to reach ~$300m by 2018, a CAGR of over 16%, in line with global market growth for managed security services.
In 2016, expect:
Further investment in expanding the Unisys Stealth offering, and for adoption of recently enhanced areas to increase, for example in Stealth for mobile/IoT and AWS.MSS: Market Summary
Buy-Side Dynamics
Key challenges for organizations looking to outsource managed security services include:
Increasing cost of cybersecurity, while demonstrating ROI
Access to cybersecurity skills and up to date information
Ability to respond quickly to threats
Ability to gain a holistic view of cybersecurity
Strengthening social engineering around security
Uneven workloads.Market Size & Growth
The global managed security service market is currently estimated by NelsonHall at $6.8bn, and is expected to grow at 16.5% CAAGR through to 2019.
North America is the largest region in managed security services, with an estimated ~43% of market share, and is expected to account for $6.3bn in 2019.
EMEA is estimated to have ~38% of the market and is expected to grow at 16.9% CAAGR to 2019, led by the U.K. with 17.6%. A portion of the growth will be attributable to the introduction and enforcement of the EU General Data Protection Regulation.
The Asia Pacific managed security services market is estimated to be worth $1.1bn, and will have growth driven by IP DLP in defense of corporate espionage.
In Latin America growth will be driven by the defense of organized crime, particularly in Brazil.
Success Factors
Critical success factors for vendors within the managed security services market are:
A strong understanding of the entire IT security landscape, typically through a high level of security research
An understanding of IT security in the context of the organization's security needs and industry
Increasing the detection rate of cyber threats while increasing the reliability and speed of detection and response to threats, by reducing the number of false positives and negatives found
24/7/365 full service availability.Outlook
Over the next few years:
MSSP R&D spend on automation will increase to handle an increased number of events from IoT and BYOD
To speed up incident resolution, vendors will move to automatic remediation for low level events, transferring people to event research
As the speed of resolution of events becomes more critical, more contracts will include incident management
More contracts will involve incident response planning and ancillary services including legal services and cyber insurance
As collaborative threat databases become the norm, vendors will shift man hours from penetration testing to building advanced automated scanning tools, while focusing on advanced scanning methods such as building visual representations to increase the speed of vulnerability scans with pattern recognition
The construction of RASP technologies to self-protect applicationsNEAT Evaluations for MSS
NelsonHall’s (vendor) Evaluation & Assessment Tool (NEAT) is a method by which strategic sourcing managers can evaluate outsourcing vendors and is part of NelsonHall's
Speed-to-Source initiative. The NEAT tool sits at the front-end of the vendor screening process and
consists of a two-axis model: assessing vendors against their ‘ability to deliver immediate benefit’ to buy-side organizations and their ‘ability to meet client future requirements’. The latter axis is a pragmatic assessment of the vendor's ability to take clients on an innovation journey over the lifetime of their next contract.
The ‘ability to deliver immediate benefit’ assessment is based on the criteria shown in Exhibit 1, typically reflecting the current maturity of the vendor’s offerings, delivery capability, benefits achievement on behalf of clients, and customer presence.
The ‘ability to meet client future requirements’ assessment is based on the criteria shown in Exhibit 2, and provides a measure of the extent to which the supplier is well-positioned to support the customer journey over the life of a contract. This includes criteria such as the level of partnership established with clients, the mechanisms in place to drive innovation, the level of investment in the service, and the financial stability of the vendor.
The vendors covered in NelsonHall NEAT projects are typically the leaders in their fields. However, within this context, the categorization of vendors within NelsonHall NEAT projects is as follows:
Leaders: vendors that exhibit both a high ability relative to their peers to deliver immediate benefit and a high capability relative to their peers to meet client future requirements
High Achievers: vendors that exhibit a high ability relative to their peers to deliver immediate benefit but have scope to enhance their ability to meet client future requirements
Innovators: vendors that exhibit a high capability relative to their peers to meet client future requirements but have scope to enhance their ability to deliver immediate benefit
Major Players: other significant vendors for this service type.Exhibit 1
‘Ability to deliver immediate benefit’: Assessment criteria
Assessment Category Assessment Criteria
MSS Offerings
SIEM
Application Security Endpoint Security IAM
Threat Database Maturity Penetration Testing Event Throughput
Ability to Offer as Part of Larger IT Infrastructure Deal Firewall
Overall MSS Offerings
MSS Delivery
Ability to Offer Dedicated Delivery Delivery in Support of North America Delivery in Support of U.K.
Delivery in Support of Rest of EMEA Delivery in Support of APAC Delivery in Support of LATAM Languages Supported Scale of FTE support Security IP
Single Touch Point Offshore Focus
MSS Presence
Scale of Delivery to Financial Services Scale of Delivery to Government Scale of Delivery to Manufacturing Scale of Delivery to Retail
Scale of Delivery to Energy & Utilities
Benefits achieved
Automation of Security Dashboard or Portal Offered SLA Flexibility
Detection and Response Time Cost Reduction
Introduction of Security Frameworks Staff Training Offered
Exhibit 2
‘Ability to meet client future requirements’: Assessment criteria
Assessment Category Assessment Criteria
Suitability to Deliver Future Benefits
Area of Investment in Centers: Onshore Area of Investment in Centers: Offshore Investment in Automation
Investment in Threat Database
Additional Security Research Conducted
Investment in MSS
Industry Specific Security Research FTE Growth
Security Roadmap Detailed Financial Rating
Partnerships for MSS
For more information on other NelsonHall NEAT evaluations, please contact the NelsonHall relationship manager listed below.
