It used to be a service provider just delivered the pipes, and the rest was user managed or turning to system integrators like TCS or pure-play managed security service providers (MSSPs) like Symantec. Now there is a rush for providers to launch new managed solutions, including managed security, and for good reason: the opportunity is tremendous.
Security services demand is growing. With clients increasing reliance on IT and communications networks, network security represents a key concern for many organizations. Enterprises have incorporated e-commerce, remote access and wireless connectivity into their business operations, which heightens the need for security measures to protect their networks against espionage, theft and hackers. Security breaches often result in losing productivity and business opportunities as well as leaking of confidential corporate information.
The bottom line is that security management costs more today and demands sophisticated response to address the growing nature of threats. Enterprises also face difficulties recruiting and retaining staff with security expertise. A Sophos report found that China hosted the largest part of global malware (53.9%) in early 2007, making the challenge very real in the Asia-Pacific region. Companies looking to do business in the US face a growing body of regulatory requirements (Sarbanes Oxley, HIPAA, GLBA, etc.) for compliance. For Asia-Pacific enterprises MSSPs represent the right move to make.
Most MSSPs provide security features such as intrusion detection/prevention services, authentication services, encryption and hosted application security. New areas include on-net removal of malware, security of wireless services, ID management, content security and early warning systems. Extending its Greater China and Asia security reach, CPCNet has enhanced its service offering to include insider threat discovery, vulnerability management, and customizable graphic dashboard.
Trend toward concentration
Verizon Business completed its Cybertrust acquisition, enhancing its managed security services in Asia and worldwide. The move gives it access to new customers, security professionals and security operations centers in the region. Other high-profile examples include IBM/ISS and BT/Counterpane. This trend reflects efforts by MSSPs to enhance their capabilities and broaden services to help customers meet rising security threats. Consolidation helps spread costs over a larger base.
MSSPs face rising costs and complexity of security management - global telcos such as AT&T and BT have been building up capabilities to make network security strategic to their business. These telcos aim to move up the value chain to provide professional services to customers, and security is a key component in many cases.
Acquisitions may not always be possible for many service providers. In July Fortinet, which offers unified threat management (UTM) solutions, rolled out a global agreement with Unisys, under which Fortinet's FortiGate multi-threat security systems will be used as both supported premise equipment and operational infrastructure in the Unisys managed security services. SingTel has collaborated with IBM to deliver MSS as part of its managed IP-VPN offering. This adds strengths to SingTel's MSS, particularly when the two companies extend the relationship beyond the Singaporean market.
Asia Netcom, which is partnering with IT specialist Datacraft to offer MSS, is shifting its focus from wholesale to the enterprise space and helps it ramp up its enterprise services. PacNet, a regional player focusing on serving the needs on SMEs, has also added security solutions to its VPN services through a partnership with Cisco Systems.
To gain MSS market share it is crucial to have a wide range of security services to meet changing business requirements. It is also important to establish a reputation as a credible MSSP. Few players can claim to have the capabilities to cover all security areas, and partnerships are in most cases useful to close any gaps.
Global telcos such as AT&T, BT, Orange and Verizon Business have developed strengths in MSS, but they are targeting primarily large global accounts. Regional telcos can seize opportunities to gain Asia-based enterprises and tap the SME market potential.
Counse Broders is senior research director and Siow Meng Soh is senior analyst in Current Analysis' global telecom unit