Proactive Security Testing-Protecting Against Tomorrow's Threats Today


Published on

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Proactive Security Testing-Protecting Against Tomorrow's Threats Today

  1. 1. Proactive Security Testing Protecting Against Tomorrows Threats Today Srihari Padmanabhan, Senior Research Analyst Network and Application Security Testing Market 18, December 2012© 2012 Frost & Sullivan. All rights reserved. This document contains highly confidential information and is the sole property ofFrost & Sullivan. No part of it may be circulated, quoted, copied or otherwise reproduced without the written approval of Frost & Sullivan.
  2. 2. Today’s Presenter Srihari Padmanabhan Senior Research Analyst, Communications Test Group Frost & SullivanFive years of experience in strategy consulting and market research across communications test and measurement market. This includes particular expertise in: - Market sizing and forecasting - Providing recommendations for product entry, geographical expansion and market penetration - Identifying industry best practices in the test and measurement market- Experience base covering a broad range of sectors, leveraging long-standing working relationships withleading industry participants’ Senior Executives 2
  3. 3. Focus Points Market Overview Market Drivers and Restraints Top 10 Network and Application Security Trends Impact of APTs and Zero-day Attacks Conclusion Q&A 3
  4. 4. Poll QuestionWhich of the following trends will have the most impact on the network andapplication security testing market in 2013?A. Network Security ConsolidationB. APTs and Zero-day AttacksC. Increase in Nation-sponsored AttacksD. Cloud security 4
  5. 5. Security Testing – Market Overview 2012 2016 SECURITY TESTING MARKETSecurity Test Solutions $128.8 $295.3Spirent (Mu Dynamics) , Ixia Million(BreakingPoint Systems), Shenick MillionNetwork Systems, Codenomicon.Application Security Products $367.2 $703.2HP, IBM, Codenomicon, Parasoft, Million MillionCoverity, Cenzic, Klocwork etc.Vulnerability AssessmentMcAfee, Qualys, Tenable Network $407.2 $979.8Security, Rapid7, nCircle and several Million Millionothers. 5
  6. 6. Market Drivers and Its Impact Security Testing Market: Key Market Drivers (World), 2012 1-2 years 3-5 years 6-10 years Increase in Malware and Cyber attacks globally drives the demand for test solutions Increase in the frequency and sophistication of attacks Growth in Internet services (e-Market Drivers banking and e-commerce) and increased mobility of the workforce City, state, and federal governments’ investments in security development Regulatory and standard compliance Impact: High Medium Low Source: Frost & Sullivan analysis. 6
  7. 7. Market Restraints and Its Impact Security Testing Market: Key Market Restraints (World), 2012 1-2 years 3-5 years 6-10 years Rapid change in technologyMarket Restraints Budget allocation and spending on test solutions Increase in the number of open-source solutions and managed security service providers Lack of awareness about the current threats and the solutions available in the market Impact: High Medium Low Source: Frost & Sullivan analysis. 7
  8. 8. 2011 Security Incidents by Attack Type Source: IBM 8
  9. 9. Top 10 Trends in Network and Application Security Testing1. Hybrid Security Model and the growth of MSSPs2. Convergence of Cyber security and business process3. Investments on Critical National infrastructure by Regional Organizations4. Impact of BYOD and workforce mobility5. Mobile threats bypassing PCs6. Cloud Security and evolution of IPv67. Nation-sponsored hacking through Advanced Persistent Threats (APT) 9
  10. 10. Hybrid Security Model and the Growth of MSSPs Source: Frost & Sullivan analysis. 10
  11. 11. Hybrid Security Model and the Growth of MSSPs(Contd…) 11
  12. 12. Convergence of Cyber Security and Business Process Data Loss Prevention Market: Revenues and Percent of Revenues by Vertical, Global, 2011 Security spending by business organizations is expected to cross $6 Billion by 2016. The following factors drive the security spending among SMB and Large businesses. Increase in adoption of cloud Penetration rate of BYOD programs Prevalence of data breaches Fear of losing reputation due to exposed vulnerabilitiesAccording to a recent survey by Frost & Sullivan, most businesses have already invested inDLP solutions with 37 percent of the respondents planning to implement within the next 2years. In addition, end-user segments such as BFSI and Government generated the mostrevenues for the data loss prevention market in 2011. Source: Frost & Sullivan analysis. 12
  13. 13. Critical National Infrastructure (CNI) 13
  14. 14. Impact of BYOD and Workforce Mobility of public sector organizations73% allow employees to use personal devices at work, highest in education (83%) have a specific policy56% around the use of personal devices whilst 38% have loose guidelines organizations have experienced a security1 in 4 breach due to an employee owned device accessing the network of organizations see BYOD and personal devices51% outnumbering enterprise devices, and becoming the norm in the next 3 years Source: CISCO BYOD 2012 Survey 14
  15. 15. Mobile Threats Bypassing PCsNew Families and Variants Received Per Quarter Source: F-secure“ In 2013, people will purchase more than 1.2 billion mobile devices, surpassing PCs as the most commoninternet access device in the world. Mobile platforms will continue to expand at breakneck speed, as peopleare forecast to download over 70 billion mobile apps in 2014.” - Lookout Mobile Security 15
  16. 16. Zero Day Attacks and APTs“While the overall number of zero-day vulnerabilities is down, attacks using thesevulnerabilities continue to be successful. The majority of these vulnerabilities are leveragedin targeted attacks. Adobe Flash and Reader vulnerabilities are widely used in targetedattacks and account for 50% of the zero-day vulnerabilities seen in 2011.” - Symantec 16
  17. 17. Impact of Zero-day Attacks and APTs“With advanced persistent threats, we have to start shifting our way of thinking from thefortress model of security strategies. We have to be able to not only prevent, detect andrespond, but also live continuously in a compromised situation and still run operations.” Chief Security Officer, Airtel 17
  18. 18. Next StepsDevelop Your Visionary and Innovative Skills Growth Partnership Service Share your growth thought leadership and ideas or join our GIL Global Community Join our GIL Community Newsletter Keep abreast of innovative growth opportunities 18
  19. 19. Your Feedback is Important to Us What would you like to see from Frost & Sullivan?Growth Forecasts?Competitive Structure?Emerging Trends?Strategic Recommendations?Other? Please inform us by “Rating” this presentation. 19
  20. 20. Follow Frost & Sullivan on Facebook, LinkedIn,SlideShare, and Twitter 20
  21. 21. For Additional InformationJeannette Garcia Srihari PadmanabhanCorporate Communications Senior Research Analyst(210) 477-8427 Communications +91-44-66814185 Srihari.Padmanabhan@frost.comOlga Yashkova Kiran UnniProgram Leader Research ManagerCommunications Test Measurement & Instrumentation(210) 247-3863 (210) 21