FIXNIX  GRC(GOVERNANCE,  RISK  &  COMPLIANCE)  PITCHBOOK  

Chief  Nixer  

GRC

ENERGY  SO

URCE  

FixNix:  Salesforce  for  GRC…  

Our  firm  is  heavily  inspired  &  shamelessly  copying  strategic  thought  processes  of  successful  startup  firms  like  asana,  zoho,  salesforce  &  amazon  making  an  entry  into  untapped  problem  areas.    All  of  them  have  made  a  mark  and  created  a  niche  in  their  respecSve  verScals.      We’ll  tell  where  we  get  our  source  of  energy…    ² The  inspiraSon  for  the  flat  organizaSon  and  same  designaSon  comes  from  Asana  

² marrying  SMB  &  InformaSon  Security  came  from  Zoho    

² Making  use  of  cloud  in  big  way  came  from  Salesforce  

² DemocraSzing  a  closed  circuit  verScal  came  from  AWS,  Linux  and  many  

We’re  looking  at  creaSng  one  in  the  coming  days  ahead  in  the  informaSon  security  field  helping  Small,  Medium  Business.  

ABO

UT      U

S…  

The  Nixer  team  

IT  GRC  

Annie   Harsha  

Enterprise  GRC  

Ghayathri   Ramya   Padma  

Cloud  

Saravana   Shyam  

InfoSec  Services  

ISO  27001-­‐  Audit  &  ImplementaSon  

Ashok   Sandeep   Raj  

Staff  Augmenta

Son  

Kayal  

q Certified Chief Information Security Officer (C-CISO)

q Alma mater of IIIT Masters in technology (Computer Science).

Want  to  onboard  advisors  formally  into  board,  CxO  team  post  funding.  Advisors  •Mr.  Sundar,  Integra  Sodlabs  •Mr.  VenkySivaraman,  Head  Strategy  -­‐Ivymobility  •Mr.  Edward,  Director  -­‐  PwC  US  •Mr.  Balasubramanian,  Compliance  Leader  –  IBM  •Mr.  AbhayDeshpande,  CEO  -­‐  Reasoning    

•Mr.  Tharmarajan  –  ixCFO  •Mr.  Sridhar,  Super  CreaSons  •Mr.  Ravi  –  Adirosys  •Mr.  Maharajan  –  Testnex  •Mr.Ananda  Deekaram  –  Palmefo  consulSng  

q Worked in Microsoft & IBM q  10 years of experience in various

Information Security domains.

Shanmugavel Sankaran Chief Nixer

SMB  IN

FOSEC  

Business  Overview    

Fix  Nix  is  an  InformaSon  security  company  born  on  a  vision  to  redefine  ‘Security’  at  all  Small  &  Medium  Enterprises  (SME)  and  to  provide  affordable,  feasible,  agile,  lean  InformaGon  Security  Management  System  (ISMS)  through  Cloud  in  SaaS  (Security  as  a  Service)  model  at  low  operaSon  maintenance  with  same  resource  &  minimal  budgetary  allocaSon.    The  main  objecSve  of  our  concept  is  to  pass  back  the  saving  to  customers  through  inexpensive  infrastructural  architecture  and  investments  for  the  soluSon.  

Product  A  fully  Integrated  FixNix  GRC  uses  a  single  core  set  of  control  material,  mapped  to  all  of  the  primary  governance  factors  being  monitored.  The  use  of  a  single  framework  also  has  the  benefit  of  reducing  the  possibility  of  duplicated  remedial  acSons.      IT  GRC  systems  that  can  take  informaSon  feeds  from  one  or  more  sources  that  detect  or  sense  deviaSons,  defects  or  other  paferns  from  security  or  business  applicaSons.  This  can  include  acSve  sensor  technologies  such  as  those  to  protect,  monitor  and  manage  informaSon  networks  and  systems.        eGRC  (Enterprise  GRC)  that  allows  the  impact  of  mulSple  primary  regulaSons  to  be  tracked  and  correlated  in  one  system.      

Service  

-­‐  Virtual  CISO    -­‐  Managed  Security  Services    -­‐  Audit  Services    -­‐  ISO  27001  ImplementaSon    -­‐  InformaSon  Security  Training  and  Awareness    -­‐  Web  ApplicaSon  Security  and  PenetraSon  TesSng.    

GRC  M

ARKET    Business  Overview  

 

Fix  Nix  is  an  InformaSon  security  company  born  on  a  vision  to  redefine  ‘Security’  at  all  Small  &  Medium  Enterprises  (SME)  and  to  provide  affordable,  feasible,  agile,  lean  InformaGon  Security  Management  System  (ISMS)  through  Cloud  in  SaaS  (Security  as  a  Service)  model  at  low  operaSon  maintenance  with  same  resource  &  minimal  budgetary  allocaSon.    The  main  objecSve  of  our  concept  is  to  pass  back  the  saving  to  customers  through  inexpensive  infrastructural  architecture  and  investments  for  the  soluSon.  

Target  Address  Market  (TAM)  

All Small & Medium Enterprises (SME)

Need of affordable, feasible, agile, lean Information Security Management System (ISMS)

Affordable to pay $10000

Want to make the security books 'anytime' ready for regulatory, legal compliance.

Need of a system to nix the security issues in the grass roots itself.

Who  need  of  Governance,  Risk  Management  and  

Compliance  

Who  need  of  data  protecGon  

Who  need  of  ISMS,GRC  framework  

Who  are  keen  to  comply  with  ISO  27001/        PCI  DSS/  HIPAA,  many  other  

regulaGons,  standards  

GE

OG

RA

PH

Y

ISO reports “India tops second in the list in of top 10 countries for

ISO/IEC 27001 Certificates”

Countries like Japan stays in topline growth always. New

players like Romania, China are coming close…

Size  of  the  market  in  2012  is  1200  crores    Expected  to  grow  at  18  %  to  1400  crores  in  2013  Security  incidents  have  increased  three-­‐fold  in  India  

INFO  

SECURITY  IN  INDI

A..  

Business    organizaGon   Revenue   Spending  increase  for  InformaGon  security  

Large  business    

>  5000  crores   11  %  

Medium  businesses      

500  -­‐  5,000  crore   17  %  

Small  businesses   <  500  crores   14  %    

Government  organisaSons   8    %  

SE

CTO

R ISO  reports  around  12%  year  to  year  

increase  in  number  of  cerGficates  from  

2010  to  2011.    

ISO/IEC  27001  InformaSon  Security  Research  report  says  

about  87%  of  respondents  stated  that  implemenSng  ISO/IEC  27001  had  a  posiSve  or  very  posiSve  

outcome.  

List  of  industrial  sectors    and  number  of  ISO/IEC  27001  cerGficaGons  obtained  in  

each  sector.    Highest  markeGng  opportuniGes  is  seen  in  the  field  of  InformaGon  Technology.  

CU

STO

ME

R AC

QU

ISITIO

N STR

ATE

GY  

Business  Model  

Organic  growth-­‐Internet  MarkeGng  

Reaching  targeted  segments  through  acGve  presence  in  social  Media  

Direct  MarkeGng  

Alliance  with  service  providers  like  datacenter  

Cost  effecGve  and  robust  online  campaigns  and  engagement  via  social  network,  blogs.  

ArGcles  in  Print  Media  

BUSINESS  MODEL  

CLO

UD

AR

CH

ITEC

TUR

E  

Business  Model  

CEO  

CISO  

Risk  Manager  

Auditor   VRT  

HR   Security  Admin  

IT  Admin  

Integrated  FixNix  GRC  

CollecSng  and  Sending  Logs    from  various  devices  –  Proxy  Servers,    Databases,  Firewalls,  IDS,  Event  Logs,    AnS  Virus,  Linux  SU  Log,  AIX  Logs,  

CISCO  Devices  etc.,  

FixNix  GRC    Azure  

ARCHITECTURE  

FINAN

CIAL    PROJECTIO

NS    

Profitability  Statement  Balance  Sheet  

FINAN

CIAL    PROJECTIO

NS    

Services  SubscripGon  (#s)  

eGRC  Revenue  (Lakhs)  Chart    

IT-­‐GRC  Revenue  (Lakhs)  Chart    

CUSTO

MER,  PARTN

ER  Strategic  relaGonships  Strategic  relaGonships  

PIPELINE  

PIPELINE  

PIPELINE  

PIPELINE  

CO

MP

ETITIO

N

!FixNix  GRC  

Cost  effecGve  

Agile  

Easy  deployable  

Affordable  

Pay  as  per  use  

User  friendly  

WHAT  

COMP

ETITIVE  POSITI

ONING  

EDGE  Strategic  relaGonships  Barriers  to  Entry  

COST:  Big  players  are  glad  with  their  Fortune  clients,  not  able  to  reduce  price  and  play  for  Small,  Medium  Business  MODULIZATION:  Either  IT  or  Enterprise  GRC  is  separately  provided  to  SMBs,  nobody  providing  both  of  them  together  OPEN  SOURCE:  We’re  heavy  open  source  company,  building  a  community  of  contributors  across  globe  

!!

FIXNIX  IT  GRC  DEMO  

FIXNIX  ENTERPRISE  GRC  DEMO  

Q&A  

http://www.fixRnix.in http://www.linkedin.com/in/fixnix http://www.facebook.com/fixRnix http://twitter.com/fixRnix http://pinterest.com/fixnix/ http://fixrnix.tumblr.com/ www.linkedin.com/in/shanmugavels www.facebook.com/shanmugavel