Today, managed security services have extended to the monitoring and management of IT security devices and functions. SME Channels spoke to Ajay Kaushik, Founder and CEO of Panacea InfoSec, to learn his perspective.
What is the market size of managed information security services?
Recent times have seen a huge jump in the need for Managed Security Services. With data and information security taking a front seat in an organization’s to-do agenda, its market has grown exponentially. The market currently stands at approximately $15 billion and is expected to rise by at least 15% by 2021.
This expected expansion is not only good news for the industry but also a sign that more organizations now understand the need for Managed Security Services and are ready to invest in them. Cyber-attacks and data breaches can be considered critical market drivers in this regard that pose a direct threat and make organizations vulnerable to loss of business and reputation. With the right experienced partner and solutions, an organization would have the peace of mind to focus on enhancing its growth and performance.
How much has managed security evolved over the last 5 years?
The concept of Managed security services began in the 1990s when service providers started providing application support services which later on extended to remote support of IT infrastructures. Today Managed security services have extended to monitoring and management of IT security devices and functions.
What are the advantages of managed security services over having products?
Products and services are different from each other and serve different purposes. While products are designed to perform an action based on predefined rules and behavior, an MSSP provides capabilities to do detailed analysis and validate results from security products. Products have a tendency to produce false positives and miss false negatives, whereas with an MSSP, the possibility is less.
What are the challenges in the security services market?
Like most fast-growing markets, the security services market is also very challenging. From ensuring round-the-clock security for a client to upgrading to the best in technology, the entire gamut of challenges is huge and never-ending.
- Finding and maintaining security talent
- Many organizations are moving to cloud applications (hosting and SaaS), which do not integrate easily into traditional security monitoring tools managed by MSSPs. This leaves the managed service provider managing multiple security tools, or more often, a gap in coverage and visibility into security threats.
- Limited capabilities to provide threat analysis and incident response services.
- MSSP services not integrating well with existing sophisticated tools. MSSP services are built on specific security solutions and sometimes don’t integrate well with clients’ existing tools. Since these MSSP tools don’t have visibility into all technologies or environments, the alerts generated by the MSSP may contain false-positives which force the client to do security investigations internally. This can lead to the client questioning the value of the MSSP, which is certainly a major challenge.
What are the services offered as managed security services audit?
The five types of services in managed security services audit are:
On-site consulting refers to customized assistance in the assessment of business risks, key business requirements for security and the development of security policies and processes. It may include comprehensive security architecture assessments and design (including technology, business risks, technical risks and procedures), security product integration and on-site mitigation support after an intrusion has occurred, including emergency incident response and forensic analysis.
Perimeter management of the client’s network
This type of service involves installing, upgrading, and managing the firewall, Virtual Private Network (VPN) and/or intrusion detection hardware and software, electronic mail, and commonly performing configuration changes on behalf of the customer. The management part includes monitoring, maintaining the firewall’s traffic routing rules, and generating regular traffic and management reports to the customer. Intrusion detection management, either at the network level or at the individual host level, involves providing intrusion alerts to a customer, keeping up to date with new defenses against intrusion, and regularly reporting on intrusion attempts and activity. In some cases, content filtering services, such as email filtering and data filtering can also be provided.
Managed security monitoring
This service involves day-to-day monitoring and interpretation of important system events throughout the network including unauthorized behavior, malicious hacks, denial of service (DoS), anomalies, and trend analysis. It is also known to be the first step in an incident response process.
Penetration testing and vulnerability assessments
This kind of service includes periodic software and network scans or hacking attempts in order to find vulnerabilities in a technical and logical perimeter. It generally does not assess security throughout the network, nor does it accurately reflect personnel-related exposures due to disgruntled employees, social engineering, etc.
Compliance monitoring includes monitoring event logs not for intrusions but change management. This service will identify changes to a system that violate a formal security policy, like if a rogue administrator grants himself too much access to a system. In short, it measures compliance to a technical risk model.
Which are the verticals revving for managed information security services?
The main verticals are BFSI, telecom, IT & ITES, government, retail, energy & power, healthcare and industrial manufacturing. All these verticals are high growth areas for managed information security services.
Which are the growth areas of information security Audit?
The business world around us is changing frequently and rapidly. As all businesses aim to grow faster and get better, the need for information security audit grows with them.
The three growth areas, in the current scenario, are:
- Any industry or service wherein IT and technology are used as facilitators to run business
What kind of certification do partners need to acquire the capability of security as a service?
To acquire the capability of security as a service, partners need to acquire competency and certifications in multiple areas such as:
- Infrastructure Security
- Policy Management
- Identity Management
- Security Monitoring
- Vulnerability Management
- Data Protection
Briefly tell us about your own company
Incorporated in 2012, Panacea InfoSec is a specialist Information Security company. Accredited by the PCI (Payment Card Industry) Security Standards Council as a PCI QSA, it is the only PCI QSA company based out of Northern India which is also a SWIFT CSP auditor. Grown solely through proven domain knowledge and experience with quality-oriented methodologies, it is also a CERT-In empaneled qualified IT Security Auditor. CERT-In is an office within the Ministry of Electronics and Information Technology. Panacea InfoSec brings a vast repertoire of security programs developed for more than 300 clients over the years. Our team comprises accomplished technical experts in Information Security. Although our services include regulatory compliance, penetration testing and risk assessment, we aim to ensure that the company progresses in a maturity model towards maintaining security at all levels.
What are your services?
Our specialized services cover three of the most important verticals. These are:
Cyber security threats are constantly evolving at an exponential rate, which makes it a challenge to counter such threats and manage critical assets. The lack of technical understanding can be lethal to a business. To empower a business to deal with these threats better, here are the managed services that we provide:
- Log review and events correlation (SIEM)
- File integrity review
- Firewall rules and configuration review
- Cyber Forensics
A business has many units. These units need to interact with each other for day-to-day operations, which requires not only effective networking but also excellent security to keep that network clear of any potential threats. From mobile application security to network penetration testing, our security testing services cover all domains. The main security services we provide to safeguard a company’s code, applications and network against threats are:
- PCI ASV Scanning Services
- Network Vulnerability Assessment
- Network Penetration Testing
- Web Application Security Testing
- Secure Code Review
- Wireless Security Testing
- Mobile Application Security Testing
- SCADA Security Testing
- IOT Security Testing
As a recognized certificate issuing body for both PCI DSS certification and SWIFT CSP certification, our consulting services can ensure your business remains compliant with the standards, retains the confidence of customers and grows at a swift pace. Our consulting services include:
- ISO 27001 ISMS Implementation
- ISO 22301 BCMS Implementation
- HIPAA Consulting
- SOC1, SOC2 & SOC 3 consulting
- IATA PCI Compliance
- PCI SAQ Compliance
- Information Security Policy Formulation & Assessment
- Vendor Security Assessment
- NBFC Audits
- IRDA Audits
- RBI Audits (PSS, CSA, SAR)
- UIDAI/Aadhar Audit/AUA
- UPI Audit
Which are the major customer segments engaged with you?
We serve a large plethora of clients across different business segments. With the need of managed security services extending into new industries, we are always adding new customers to our long list of clients. The main segments in which we serve most of our clients are:
- Banks and financial institutions
- Telecom and communications
- IT, BPO & KPO
- Payment gateways & payment processors
- eCommerce & retail merchants
- Tours & travels