Hackers crawling over the web
Tempted by managed web security services? According to Eldar Tuvey, chief executive of ScanSafe, the opportunities for managed security services within the channel are set to grow dramatically in 2007.
The web is getting bigger, but also more dangerous.
In the early days, it was like the Wild West – there were dangers out there, but if companies kept their wits about them and knew the basics of self-defence, they could get by.
Not anymore. Security experts are already looking back on 2006 as the year that web threats matured and became increasingly sophisticated. It was a year in which organised cyber criminals increasingly turned their attention away from email towards web traffic as their target of choice.
Last year saw an aggressive rise in web attacks. According to ScanSafe’s Annual Global Threat Report, spyware increased by 254 per cent in 2006, eclipsing email threats for the first time. The boundaries between spyware, adware and viruses have become blurred and criminals are now targeting multiple internet platforms with more focused, financially-oriented attacks.
For many malware authors, their motives have shifted from a desire to show off their technical prowess or create anarchy, to a greed-driven search for money. In 2006, over 65 per cent of web virus payloads were intended to achieve some direct financial benefit.
Last year also saw web 2.0 increasingly under siege, with hackers targeting social networking sites, chat rooms, popular search engine results and instant messaging.
The sheer scale of these threats has taken many corporate IT departments by surprise, as they grapple with balancing security and liability concerns with the realisation that the web is a mission-critical business communications tool.
The clear message is that businesses can no longer rely solely on traditional IT security solutions on the desktop or corporate network. Anti-virus software, firewalls and intrusion protection systems are valuable shields, but they are not impervious to today’s socially engineered, pernicious web threats.
IT departments are already taking action. Many companies have had help in scanning and filtering email traffic for some years. Now they are looking for help with their web traffic.
According to a recent survey of companies that already buy in managed IT services, 2007 will see a focus on security. The study from the Computing Technology Industry Association found that 33 per cent planned to increase their spending on managed security services. The reasons they gave are the traditional ones – the lack of in-house skills, more cost-effective and it enables them to concentrate on their core competencies.
These findings are backed by another recent report from industry analyst group Frost & Sullivan. It sees the managed security services market in EMEA soaring from $81.7m in 2005 to $603.7m in 2012.
If this suggests that the next five years will be a challenging, but rewarding period for web security-as-a-service providers, it also means plenty of opportunities for channel partners.
IT departments are finding that managed web security services are scaleable, flexible, have a lower total cost of ownership compared to hardware and software solutions and free up valuable network bandwidth. In fact, most customers report a 30-40 per cent saving over on-premise solutions.
For the channel, web security-as-a-service offers quick entry into the lucrative managed services security market. Because it doesn’t require investment – in development, infrastructure or hardware – it also provides a painless way for resellers to add web security to their portfolio of solutions.
Managed services also offer recurring revenue for channel partners, which is especially appealing given the declining margins of premise-based solutions. Hardware and software web security solutions have attained a certain maturity in their lifecycle and saturation in the marketplace. As a result, the margins on hardware and software solutions have steadily declined. This is not the case with web security-as-a-service, a relatively new offering with wide appeal across industry verticals and among SME businesses as well as larger enterprise accounts.
The net result for channel partners is that managed security services help boost gross margins and offer an easier, more cost effective way for customers to conquer web-based threats.