Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018
RESEARCH STRATEGY REPORT
analysysmason.com
CYBER-SECURITY SERVICES FOR LARGE ENTERPRISES:
OPPORTUNITIES FOR OPERATORS
PATRICK DONEGAN
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018
KEY QUESTIONS ANSWERED IN THIS REPORT
WHO SHOULD READ THIS REPORT
2
1 Network (or cyber) security consists of the steps necessary in hardware and software, as well as in
human behaviour and processes, to ensure the confidentiality, integrity and availability of
infrastructure and the applications and services that run over it.
This report analyses the opportunity for communications service
providers (operators) to act as managed security service providers
(MSSPs) and sell managed security services to large enterprises.
The MSSP business model gives operators an opportunity to:
▪ boost declining revenue from the enterprise sector
▪ reduce churn
▪ enhance their brand.
The report provides recommendations for operators, and outlines
a framework that will help network security vendors to understand
the MSSP market from an operator perspective.1 It also:
▪ details the factors for success in the MSSP marketplace
▪ includes case studies of three MSSP businesses – IBM
Security, Telefónica and Trustwave.
The report is based on:
▪ Analysys Mason’s research on the MSSP market
▪ a series of interviews and discussions with stakeholders in the
MSSP space, including several MSSPs.
About this report
▪ What role do operators play in the MSSP market today, and what are
their prospects of being competitive in it?
▪ What are the main opportunities and risks?
▪ What are the prospects of new players from industries other than
telecoms entering the MSSP market?
▪ What do telecoms operators need to focus on in order to succeed in the
MSSP market?
▪ To what extent do the world’s leading MSSPs intend to partner with
telecoms operators?
▪ Security and MSSP groups within operators.
▪ Strategy teams and senior executives within operators and vendors that
are defining their organisations’ roles in the cyber-security space.
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018
CONTENTS
3
EXECUTIVE SUMMARY
MARKET OPPORTUNITY AND INVESTMENT REQUIREMENTS
REQUIREMENTS AND OPTIONS FOR MSSP PARTNERING
ASSESSMENT OF POTENTIAL MSSP PARTNERS
APPENDIX: MSSP CASE STUDIES
ABOUT THE AUTHOR AND ANALYSYS MASON
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018
Figure 1: Operators should consider entering the enterprise security market but will need to
overcome some barriers
4
Operators should consider tapping into large enterprise spend
on cyber security. However, they will not succeed with a
‘business-as-usual’ approach – for most, partnerships with
MSSPs will be the best strategy.
Many telecoms operators have declined to enter the MSSP market
because they lack the skills and reach to serve the large
multinational companies that MSSPs have traditionally targeted.
However, operators should consider entering this market because
of the growing demand from large national corporations.
Most operators will need to establish a partnership with a leading
MSSP that has the specialised capabilities that would be costly
and time-consuming to develop internally.
Leading MSSPs, such as IBM Security, SecureWorks, Trustwave
and Telefónica are reaching out to telecoms operators to engage
in such partnerships.
We recommend that operators:
▪ commit to the MSSP space
▪ establish partnerships with leading MSSPs
▪ work closely and collaboratively with MSSP partners to
establish processes to ensure a high-quality service for the
customer.
Executive summary
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018 5
Operators cannot ignore the opportunity to provide security
services to corporations, particularly because core connectivity
revenue is flat (at best) for most providers. However, most
operators are not able to meet the rapidly evolving expectations
that enterprises have of managed security services.
The addressable market for providing security services to
enterprises is substantial – we estimate that large enterprises
spent over USD12 billion worldwide in 2016.1 However, operators
won just 17% of that spend.
This report explores how operators can improve their ability to
address spend by large enterprises on managed security.
MSSPs have focused on large multinational companies and have
paid less attention to large national corporates. These national
corporates are expected to increase their spending on managed
security as the threat level increases and security solutions
become more complex.
Unsurprisingly, the number of players entering the MSSP market is
accelerating. Defence companies (Raytheon and BAE Systems)
and accounting firms (Deloitte and EY) are all exploring it. Cloud
providers like Google and AWS have the potential to be powerful in
this space should they decide to enter it.
Most telecoms operators are not engaged effectively in the
MSSP space.
Most operators either do not offer managed security services or
offer basic services, such as managed firewalls, for large national
customers.
These operators need to rethink their approach if they are to avoid
missing out on the MSSP opportunity. In the context of a growing
volume, variety and sophistication of cyber-security threats, large
enterprises expect a rich suite of managed services driven by
threat intelligence, advanced data analytics and teams of skilled
cyber-security professionals.
Other operators understand these issues and are better placed.
Some, like Telefónica, are aspiring MSSPs and are building out
their businesses to target large national and multinational
companies. A small number of operators like AT&T, BT, NTT
Security, Singtel (through Trustwave) and Verizon have sizable,
MSSP businesses, typically focused on Fortune 500 companies.
Even telecoms operators that are established or aspiring MSSPs
should not underestimate the escalation of requirements – and
hence investment – needed to compete in the long term. Some of
these businesses will not succeed in the long term, because the
locus of competition is moving to the use of threat intelligence
with advanced analytics and highly skilled security analysts.
Most operators risk missing the MSSP opportunity for large enterprises
1 For more information, see Analysys Mason’s Telecoms services for large enterprises: worldwide
forecast 2017–2022. Available at: www.analysysmason.com/le-forecast2017-worldwide-ren01-
ren02.
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018
MSSP Seeking channel
partners
Explicitly seeking
telecoms operator
channel partners
IBM Security Yes Possibly
SecureWorks Yes Possibly
Trustwave
(owned by Singtel)
Yes Yes
Telefónica Yes Yes
6
The established leaders in the MSSP market are ready-made
partners for telecoms operators.
A subset of the world’s largest operators like AT&T, BT and Verizon
are probably capable of succeeding in the MSSP market on their
own.
However, most operators do not have these capabilities and
building them will be challenging. To do so would require large
investment (over USD100 million), an understanding of
specialised requirements and would need the operator to compete
for the limited talent pool of cyber-security professionals. For these
operators, a partnership with an existing MSSP may be the best
way to engage with the market for managed security.
The large existing customer base that operators can offer and the
capabilities of an MSSP is a potent match. Furthermore, many
MSSPs are looking to build on their revenue from large
multinational companies by reaching large national corporates,
many of which have not purchased from large MSSPs before, and
with which local telecoms operators tend to have much stronger
relationships.
The idea of MSSPs partnering with telecoms operators is not new.
IBM has powered an Asia–Pacific operator’s managed security
services for several years. Rogers Canada offers Trustwave
services and BAE Systems has a partnership with O2 UK.
Figure 2: Potential MSSP partners for telecoms operators
These deals could indicate that there are more to come. At least
four – and probably more – large MSSPs are explicitly looking for
new channel partners, in significant part to reach the large
national corporates.
Delivering high-quality managed security services to enterprises
across separate MSSP and telecoms operator infrastructure is
challenging. Successful partnerships between telecoms operators
and MSSPs require a deep and long-term commitment on both
sides.
MSSPs that can help operators to serve the cyber-security market are
seeking partners
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018 7
Recommendations
1A strategic commitment is needed if operators are to be serious providers of security to large enterprises.
The opportunity for telecoms operators to serve large enterprises with managed security services for revenue
growth and customer retention is compelling. However, telecoms operators will need to commit to providing large
enterprise customers with a rich suite of managed security services; offering little more than a managed firewall
service will not be sufficient. Operators need to either make a significant commitment to security, or leave the
market to others.
2
3
Operators should partner with leading MSSPs rather than go it alone.
To be successful in the managed security space, providers will need to combine data analytics, machine learning
and threat intelligence. It also requires large teams of costly cyber-security analysts. Most telecoms operators
should access these capabilities by serving as channels to market for established MSSPs, some of which are
actively reaching out to telecoms operators for partnerships. Most operators cannot acquire capabilities at scale
and succeed alone in the MSSP space.
Engage in collaborative change management with MSSP partners to prioritise the end-to-end experience.
Telecoms operators and their MSSP partners must commit to a detailed process for anticipating, explaining,
managing and tracking the impact of frequent changes in their own respective IT and network environments over
time. They must also understand and collaboratively manage the end-to-end impact of changes in their
environments on the enterprise customer’s experience of the service.
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018
CONTENTSCONTENTS
32
EXECUTIVE SUMMARY
MARKET OPPORTUNITY AND INVESTMENT REQUIREMENTS
REQUIREMENTS AND OPTIONS FOR MSSP PARTNERING
ASSESSMENT OF POTENTIAL MSSP PARTNERS
APPENDIX: MSSP CASE STUDIES
ABOUT THE AUTHOR AND ANALYSYS MASON
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018
Patrick Donegan (Senior Contributor) contributes to Analysys Mason’s Telecoms Software and Networks, and Enterprise and IoT research
practices. He specialises in telecoms and IT security and has worked in the telecoms sector for over 25 years. Patrick has led several custom
consulting projects for leading vendor and operator clients in this area. In recent years, his research has focused on the security opportunities
and threats presented by the telecoms sector’s efforts to use more software-controlled networking.
33
About the author
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018 34
Research from Analysys Mason
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018 35
Consulting from Analysys Mason
Cyber-security services for large enterprises: opportunities for operators
© Analysys Mason Limited 2018
PUBLISHED BY ANALYSYS MASON LIMITED IN JANUARY 2018
Bush House • North West Wing • Aldwych • London • WC2B 4PJ • UK
Tel: +44 (0)20 7395 9000 • Email: [email protected] • www.analysysmason.com/research • Registered in England No. 5177472
© Analysys Mason Limited 2018. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means – electronic,
mechanical, photocopying, recording or otherwise – without the prior written permission of the publisher.
Figures and projections contained in this report are based on publicly available information only and are produced by the Research Division of Analysys Mason Limited independently of any
client-specific work within Analysys Mason Limited. The opinions expressed are those of the stated authors only.
Analysys Mason Limited recognises that many terms appearing in this report are proprietary; all such trademarks are acknowledged and every effort has been made to indicate them by the
normal UK publishing practice of capitalisation. However, the presence of a term, in whatever form, does not affect its legal status as a trademark.
Analysys Mason Limited maintains that all reasonable care and skill have been used in the compilation of this publication. However, Analysys Mason Limited shall not be under any liability for
loss or damage (including consequential loss) whatsoever or howsoever arising as a result of the use of this publication by the customer, his servants, agents or any third party.