1. No category

The 10 most important criteria to consider

Email IBM
IBM Global Technology Services
Thought Leadership White Paper
Selecting a managed security
services provider
The 10 most important criteria to consider
March 2014
Email IBM
2
Selecting a managed security services provider
Introduction
Enterprises today continually struggle to defend against online
attacks that can strike at any moment. Whether the threats are
from viruses, denial-of-service attacks or unauthorized web site
access, these offenses can wreak tremendous havoc. Attacks can
impact business operations and workforce productivity, damage
infrastructures and create security breaches that can harm an
organization’s reputation. Such character compromises or
breaches can also be expensive in terms of operational impact,
resources required to remedy the issue and potential loss of
business.
A successful security program demands deep insight into the
current threat landscape. It also requires a strategic approach to
managing the cost and complexity of the security technologies
needed for security event and log management, vulnerability
scanning, email security and other activities. However, with the
wide variety of current and emerging security threats that exist,
organizations that try to manage their own information security
often lack the in-house resources required to adequately protect
online systems around the clock.
Advanced security practices require highly skilled personnel,
who are in high demand and expensive to recruit, hire and
retain. According to a Forrester Consulting study, “An alarming
80 percent of security leaders believe that it is difficult or very
difficult to find and hire technical security staff that fit all of
their requirements. This challenge is even more pervasive in
Latin America, where a stunning 96 percent of regional security
leaders noted this difficulty.”1
In addition, implementing and managing security solutions
can divert IT resources from other critical initiatives, including
preventing the next attack. IT teams are forced into a reactive
posture that ignores the more important strategic role of an IT
security function.
To support a cost-effective, robust and proactive security posture, more and more organizations are outsourcing portions—or
even all—of their IT security programs. These businesses
typically:
●●
●●
●●
●●
●●
●●
Lack the in-house capabilities required to properly manage
changing business demands, compliance mandates and
emerging threats for strategic implementation of new IT
security solutions
Do not have the capabilities to effectively monitor and
manage the security infrastructure to help achieve optimal use
of current assets
Have in-house IT staff members who spend too much
time on day-to-day operational security issues versus new
strategic projects
Depend on IT security tools and processes that provide a
reactive, rather than a proactive, approach to mitigating risk
and reducing data loss and downtime
Lack the resources and expertise to gather and analyze
security intelligence about current and emerging threats
Are too overwhelmed by the magnitude and complexity of
risks to confidently provide an integrated response.
By outsourcing security operations to a managed security services provider (MSSP), organizations can take advantage of the
expert skills, tools and processes that these service providers
offer and significantly enhance security without making a large
investment in technology and resources. But how do you select
the right MSSP for your specific needs?
This white paper outlines a strategic approach to selecting an
MSSP and establishes 10 important qualifications to consider in
choosing a provider. The right MSSP can reduce the cost and
complexity of information security while helping you build a
stronger security posture.
Email IBM
IBM Global Technology Services
The 10 most important things to consider
in selecting an MSSP
Organizations that lack the resources and budget to build and
operate their security infrastructure on an around-the-clock basis
can outsource to a reliable MSSP. Allowing an MSSP to handle
day-to-day security monitoring and management gives organizations an opportunity to allocate in-house IT resources to more
strategic initiatives. MSSPs also facilitate business continuity by
providing advanced intelligence to thwart attacks before they
cause damage and disrupt business operations. This layer of
proactive protection lends a competitive edge by helping your
business to remain functional even when sophisticated threats
continue to proliferate.
To achieve the greatest advantage from outsourcing your security operations to an MSSP, you need to select a provider suited
to your organization’s specific needs. Before you do this, however, ask yourself the following questions:
●●
●●
●●
●●
●●
Have you conducted an extensive evaluation of your security
requirements?
Do you understand the security measures with which you
must comply?
Have you established a reliable governance model?
Have you determined which security requirements you expect
the MSSP to put in place?
Are you prepared to investigate whether the MSSP is
equipped with relevant certifications that demonstrate the
provider’s capabilities in the above-mentioned areas?
3
Once you have addressed these questions, you are ready to begin
evaluating MSSPs. The following 10 criteria can help you select
the right provider to protect your vital IT assets while better
managing your compliance.
1. Broad portfolio of security services
As a result of the dynamic nature of your business environment,
the influx of new threats and the changes in regulatory requirements, your security needs are continually evolving. Your managed security services partner should offer a robust suite of
vulnerability assessment and management services that can help
keep you protected ahead of threats, regardless of your security
challenges. To meet your budget and unique protection requirements, choose an MSSP that provides multiple service levels and
the ability to mix and match services. Also, consider a provider
with offerings that are prepackaged and structured for more
consistent delivery and performance. Through world-class
services that address risk across each aspect of your business, you
can build a strong security posture that can help you reduce
costs, improve service and manage risk.
2. Highly respected security intelligence and research
professionals
The MSSP you choose should have extensive, top-tier internal
and external resources with ongoing insight into the latest attack
strategies, network threats and vulnerabilities, including up-todate information on emerging threats and remediation. Global
operations groups, strong research and development teams, and
time-tested vulnerability and threat analysis processes are crucial
to keeping your company protected from evolving attack
schemes and technologies. In addition, the provider should be
able to dedicate research resources to investigating vulnerabilities and threats, whether by assigning specific duties to each
resource or by demonstrating a rotation of duties.
Email IBM
4
Selecting a managed security services provider
3. Excellent reputation
The reputation of an MSSP and its history of customer satisfaction are important factors to consider. Look for a provider that
has successfully retained customers for several years. Ask what its
average customer churn rate is, looking for long-term customers
from your industry and with similar network needs. Ask to see
results from current customer satisfaction research conducted
either internally or by a third-party vendor. Review analyst
reports that include the MSSP, and compare the provider with
its competitors for an unbiased evaluation of its services and
expertise. Also, consider whether or not their solid reputation
stands beside a solid vision for the future. Make sure that the
provider is investing in its portfolio of solutions and services and
has a clearly defined strategic roadmap that aligns with your
security goals.
4. Robust, web-based management tool to improve visibility
and intelligence
Although the MSSP can deliver a portion or all of your of your
IT security program, your IT team nevertheless needs ready
access to a robust view of your entire security infrastructure.
Look for an MSSP that provides a single management console
with the flexibility to mix and match by device type, vendor and
service level that can meet your individual business needs. The
best web-based management tools will allow your security
resources to more easily monitor both managed and unmanaged
security devices via the cloud and traditional approaches.
5. Sophisticated back-end technology
Once you are certain that an MSSP is committed to ongoing
global security intelligence, make sure it has the back-end technology to align that intelligence with your IT infrastructure and
security initiatives. The underlying protection system, accessed
through a management portal, should perform far more than
simple event monitoring and device management. It should also
have the capability to go beyond the normal limits of IT security
to perform advanced analysis, correlation, aggregation, categorization and prioritization. Additionally, security intelligence
should be integrated, enabling alerts from multiple service
offerings to be chained together. This helps reduce the rate of
false positives and streamline the identification of advanced
threats, whether the threats target just your organization or a
wide range of organizations.
Look for technology with incident escalation and remediation, as
well as a sophisticated alert mechanism—all tied to an enormous
database of known threats provided by and continually updated
by the MSSP. Make sure that your provider is using a common
platform across its customer base, rather than attempting to
manage multiple distinct platforms simultaneously, which can
increase opportunities for variance in service delivery.
6. One-stop solutions for federal, state and industry
regulations
Your MSSP should have a deep understanding of the compliance
regulations that apply to your particular industry. Therefore,
confirm that their work conforms to relevant industry-standard
security and audit protocols. Consider seeking governance, risk
and compliance services from a single vendor that can help you
evaluate your existing security practices in the context of your
requirements and future objectives, including technical and business considerations, in addition to compliance.
An MSSP with robust services that are designed to better manage your compliance may include capabilities for not only regulatory and standards compliance, but related functions such as
security risk management, security program design and management, privacy and security education and training. In addition,
verify that the MSSP has an internal governance structure in
place, such as the IT Infrastructure Library (ITIL) framework,
that includes best practices methodology, incident management
and security operations management.
Email IBM
IBM Global Technology Services
7. Broad security infrastructure expertise
Check the provider’s understanding, experience and reputation
in terms of providing the infrastructure and system integration
that can support your overall security strategy and objectives.
The MSSP should have extensive infrastructure expertise that
includes in-depth knowledge of hardware, software data center
and network requirements, particularly as they relate to security
best practices. MSSPs that offer integrated technology services,
such as business continuity, integrated communications and storage and data services, can extend the value of their managed
security services offerings. The MSSP should have the skills and
analytics capabilities to help you understand how a securityrich infrastructure can support your growth beyond your
managed security services implementation and expansion into
adjacent areas.
5
Look for structured fixed-price, fixed-scope offerings that demonstrate the provider’s ability to deliver services reliably and
repeatedly. Also, ascertain that the SLA serves your particular
needs. After adopting the security service, validate and test the
provider’s capabilities, and verify that performance meets contracted agreements.
10. Financial stability
One of the most important criteria to consider when evaluating
MSSPs is their financial stability. Managing security on an outsourced basis for large numbers of customers requires significant
capital and resource outlays to operate a global network of security operations centers, develop new technologies and attract and
retain knowledgeable and motivated personnel. As with any
business decision, look for an MSSP with deep resources and a
sustainable business model.
8. Multivendor support of security devices
In addition to managing and monitoring your security posture
around the clock, your MSSP must have the capability and certification to protect your current equipment so you can avoid
unnecessary and costly technology changes. Look for an MSSP
that has extensive experience in managing a variety of technologies and platforms, in addition to its own suite of products. Ask
for a list of platforms that the MSSP is certified to manage. If
your current platform does not appear on the list, check with the
provider to see if services can be customized to suit your needs.
However, beware of providers who insist they can support any
IT environment and business need, because the time and cost
involved in ramping up a global set of resources to deliver
expert, consistent and reliable services can be substantial.
9. Flexible, guaranteed, performance-based service-level
agreements
Service providers can claim they respond rapidly and thoroughly.
However, the MSSP you choose should offer not only a rapid
response guarantee but also a guarantee of protection against
emerging Internet threats. The provider must be willing to stand
behind these commitments in the service-level agreement (SLA).
IBM Security Services
Many discerning organizations that take the time to thoroughly
investigate MSSPs choose IBM Managed Security Services to
protect their enterprises. In fact, IBM is recognized in the industry as a managed security services leader. Gartner, Inc., has positioned IBM as a Leader in the Magic Quadrant for Global
MSSPs.2 In addition, IBM is a leader in the Forrester Wave™:
Information Security Consulting Services, Q1 2013.3
IBM Managed Security Services deliver advanced security solutions for near-real-time security management, including system
and identity monitoring and management, emergency response
and around-the-clock protection from the Internet’s most critical
threats. IBM’s portfolio of security services helps organizations
reduce risk, escalating security costs, and complexity, while
better managing compliance. The broad portfolio of
IBM Managed Security Services solutions includes standard
security management and monitoring as well as cloud-based
security service offerings.
Email IBM
6
Selecting a managed security services provider
Managed Security Services (core offerings)
●●
IBM Managed Security Services (core offerings) provide aroundthe-clock monitoring and management of security technologies
housed in an organization’s IT environment. Through a single
management console, organizations can view their entire security infrastructure and remain actively involved with their information security programs in collaboration with IBM. Offerings
include:
●●
●●
●●
Firewall management. Providing near-real-time security
monitoring, management and analysis of firewall alerts and
logs, this service delivers customized protection for less than
the cost of many traditional solutions. It helps provide
preemptive protection from known and emerging security
threats, as well as vendor-neutral support that can help
optimize your existing security investments. IBM’s firewall
management service keeps you informed with robust and
customizable reports, along with executive and technical
reporting options.
Intrusion detection and prevention system (IDPS)
management. This service is designed to improve your
security posture by protecting your networks and servers from
internal and external threats and intrusions. Additionally, it
delivers advanced attack detection by taking a multistep
approach to event analysis and attack recognition. This service
also provides configuration and customizable reporting, as
well as increased visibility into your security events.
Managed protection services. These services can deliver
expertise in monitoring, management and incident escalation
for your IT infrastructure around the clock. Managed
protection services represent an enhanced, robust managed
security solution from IBM and include IBM’s unique
protection guarantee SLAs.
●●
●●
●●
Unified threat management. This service comprises two
discreet security technologies—protection and content—
which correspond to the capabilities available from marketleading unified threat management appliances. The protection
component supports and manages intrusion prevention
systems and firewalls designed to block traditional attacks like
worms, Trojans and intruders. The content component
provides management and support for web and email filtering
and antispam and antivirus technology (where available).
Secure web gateway management. Along with ongoing
support to help protect critical web-based transactions, this
service provides access to a web-based portal designed to
optimize your security devices and give you an overall view of
your security status. The service supports proxy or cache,
content filtering, directory services and application control. In
addition, it combines ongoing threat monitoring with
advanced policy management capabilities to help improve
your security posture.
Security intelligence analyst. With this service, you get a
dedicated SOC specialist who works with you to analyze your
current security posture, review trends in your environment
and provide policy tuning and strategic recommendations to
strengthen your overall security posture.
Managed security information and event management
(SIEM). This service provides around-the-clock security
monitoring and reporting of activities across the enterprise
and for specific users. We help you better identify and respond
to threats, manage compliance and optimize your infrastructure investment. Our services, which can be delivered at a
more predictable monthly cost, support multivendor SIEM
systems and can add value to your existing implementations.
Email IBM
IBM Global Technology Services
Cloud security services
●●
Cloud security services from IBM use the power of the
IBM Virtual SOC platform to deliver high-value services that
require little or no security device investment or maintenance,
making the total cost of ownership much lower than what companies incur performing these security services in house. The
cloud-based security services offerings from IBM are complemented by a robust portfolio of traditional managed security and
professional services solutions. Cloud-based security services
from IBM Managed Security Services include:
●●
●●
●●
●●
Hosted email and web security. Designed to help clients
protect their email and data from unintentional exposure
resulting from malware, identity theft and phishing scams, this
service can protect IT infrastructure and business continuity
by virtually eliminating performance degradation and system
crashes. It also reduces the need for additional hardware and
software solutions. The service can help improve employee
productivity by protecting desktop performance, helping
prevent access to inappropriate websites and helping clients
streamline web security configuration and administration
through a web interface.
Hosted security event and log management service. This
service enables IT teams to compile the event and log files
from network applications and operating systems, as well as
security technologies, into one seamless platform. It offers the
ability to run queries on all of these logs using a single
interface. This innovation dramatically improves the speed of
conducting security investigations.
Hosted vulnerability management. Providing cloud-based
internal and external infrastructure scanning through a single
portal, this service streamlines compliance management
requirements. It supports compliance initiatives by scanning
for and classifying vulnerabilities, and it provides the data and
remediation steps for managing security risks and reducing
threat exposure.
●●
●●
7
IBM® X-Force® hosted threat analysis service. Delivering
customized information about a wide array of threats that
could affect network security, this security intelligence service
helps you proactively protect your networks with detailed
analyses of global online threat conditions.
Hosted application security management. This service
provides an advanced application security analysis to help
identify and analyze web application security risks. Designed
to detect threats before they can be exploited, it helps reduce
application downtime and improve application availability and
compliance management.
Hosted mobile device security management. A fully managed
solution that supports virtually all mobile devices across
platforms, this service is designed to provide the knowledge,
technology and ongoing management to help protect against
mobile device risks. Hosted mobile device security management can help you address data security issues, reduce capital
and operational costs, better manage regulatory compliance
and improve employee productivity.
Managed distributed denial of service protection. This service
provides a multilayered approach to help you plan for, respond
to and correlate data during an attack. By combining
IBM security expertise with the cloud-based Kona Site
Defender technology from Akamai, you can avoid potential
attacks on your infrastructure, helping to facilitate sustained
performance and availability.
Why IBM Managed Security Services?
IBM’s broad range of solutions across the Managed Security
Services portfolio enables end-to-end security monitoring and
management, better visibility and increased efficiency while
supporting multiple technologies, vendors and devices.
We have nearly 50 years of security experience and more than
3,500 skilled security services professionals with deep expertise
in the broad threat landscape. Additionally, we use a simplified,
predictable pricing model and a vendor-neutral approach for our
core offerings, which helps you better manage costs and optimize the value of your existing security investments. We also
Email IBM
8
Selecting a managed security services provider
provide enhanced flexibility, allowing you to choose the level of
service suited to your security infrastructure and to make device
configuration changes without per-device restrictions. Solutions
and services from IBM systematically integrate both new and
existing security capabilities, providing critical visibility and
robust controls, and reducing complexity.
IBM security analysts and specialists are located in 10 global
security operations centers (SOCs), where they analyze
15 billion security events daily. (See Figure 1.)
Security Operations Center Staffing
Intelligence
IBM Managed Security Services are virtually unmatched in their
ability to provide the deep analytics needed to ward off the wide
range of threats facing organizations today. By collecting
security-relevant data via near-real-time client feeds, we embed
our knowledge into our professional engagements to help conduct analyses, fraud prevention and anomaly detection.
At the core of IBM Managed Security Services, the
IBM X-Force research and development team provides the
foundation for the proactive approach to Internet security that
customers have grown to expect from IBM. In fact, the
IBM X-Force team is one of the best-known commercial security research groups in the world. In addition, the IBM X-Force
team serves as a trusted security advisor to federal, state and local
government organizations, helping create governmental security
standards and initiatives.
The IBM X-Force team comprises more than 15,000 researchers, developers, analysts and specialists on security initiatives. It
is responsible for over 1,000 security patents. This group of
security professionals researches and evaluates vulnerabilities and
security issues, develops assessment and countermeasure
technology for IBM products, and educates the public about
emerging Internet threats through threat reports produced
throughout the year, as well as critical alerts and advisories. The
IBM X-Force team maintains one of the world’s most robust
threats and vulnerabilities database—the result of tens of thousands of hours of research by the team.
1st shift
2nd shift
3rd shift
Atlanta, GA, United States
Brisbane, Australia
Brisbane, Australia
Boulder, CO, United States
Brussels, Belgium
Hortolandia, Brazil
Bangalore, India
Bangalore, India
Southfield, MI, United States
Tokyo, Japan
Wroclaw, Poland
Heredia, Costa Rica
Figure 1. IBM Security Operations Centers (SOCs) are staffed around
the clock.
Innovative security technologies
IBM Managed Security Services, in addition to depending on
SOC security professionals, is supported and enabled by the
IBM Virtual SOC, a security-rich web-based management tool.
Using the combined capabilities and intelligence of the global
SOCs, the Virtual SOC provides a single interface (shown in
Figure 2) for security managers to more easily monitor the
security of the overall infrastructure of managed and unmanaged
security devices around the clock. The Virtual SOC portal combines IBM X-Force security research with service-level data
from devices across company networks, helping IT teams manage vulnerabilities discovered in their systems.
Email IBM
IBM Global Technology Services
9
Figure 2. The IBM Virtual Security Operations Center (SOC) portal lets you more easily monitor the security of your systems.
IBM Managed Security Services clients can use the Virtual
SOC portal as their single command and control center for their
security management services. The security-rich web-based
portal helps organizations collaborate with their team of
IBM security specialists and offers the intelligence, tools and
capabilities necessary to make near-real-time decisions to
improve the security posture.
The IBM X-Force Protection System is a highly sophisticated
back-end system that delivers the ongoing security intelligence
available through the Virtual SOC. It can help broaden your visibility into the attack surface, notifying you of the suspicious
actors who are targeting your infrastructure and providing global
statistics regarding the number of IBM customers affected, the
industries targeted and the attack techniques deployed over time.
Email IBM
10 Selecting a managed security services provider
A cloud-based security platform and analytics engine, the
IBM X-Force Protection System is built on top of a community
of interest that includes nearly 4,000 customers. IBM can profile
attackers by tracking the organizations contacted, the industries
targeted and the techniques used. Harvesting this information,
IBM can examine its customer-base, notifying customers with
similar vulnerabilities and the likelihood of attack. Further, it
escalates priority events to alert an IBM security analyst or client
to take action and offers individualized remediation advice and
capabilities, such as ticketing and integrated workflow.
Analysis of the data populates near-real-time and on-demand
dashboards, such as configurable home dashboards, the
Suspicious Host Dashboard, the Internet Protocol (IP)
Intelligence Report and the Alert Monitor. The more diverse
the services and their data sets, the more valuable and actionable
the analysis. By providing a single management and operational
view of your entire security infrastructure—regardless of vendor
or device type—the X-Force Protection System allows you to
more efficiently manage your security operations, particularly if
you are dealing with multiple sites.
The benefits of choosing IBM Managed
Security Services
IBM Managed Security Services helps you reduce the need for
in-house security resources by allowing you to outsource security operations or supplement existing security teams. We offer
the expertise to help you better manage the complex security
landscape; provide the extensive industry knowledge needed to
evaluate security risk posture; and deliver innovation through
security-rich, end-to-end security solutions. IBM Managed
Security Services can help you:
●●
●●
●●
Improve your security posture. By providing ongoing
insight into emerging Internet threats and remediation
recommendations, IBM Managed Security Services helps
enhance protection, increase business continuity, unify policy
management and protect your reputation. The IBM X-Force
team delivers deep, continuous security intelligence, while the
IBM Virtual SOC portal offers needed visibility, control and
automation, enabling more proactive, near-real-time security
management.
Reduce costs. IBM Managed Security Services and the
Virtual SOC can help significantly reduce escalating security
management costs. IBM services are designed to reduce the
total cost of ownership, allowing you to reallocate resources to
other business objectives. Your organization can eliminate the
cost of hiring and training additional resources to maintain
proper network protection. Other cost savings may result
from reduced downtime, optimized infrastructure and
improved productivity.
Simplify management. The IBM Virtual SOC offers a
robust mechanism for enterprise-wide security management
for IBM offerings and other security solutions, as well as
practically all domains of risk. IBM helps increase operational
efficiencies by virtually eliminating manual audit tasks and
reducing the number and complexity of required security
controls. IBM Managed Security Services also help reduce
redundant security expenses. You can consolidate multivendor
environments for easier management while more efficiently
managing global operational footprints.
Email IBM
IBM Global Technology Services 11
●●
●●
●●
Protect service investments. With IBM Managed Security
Services, you benefit from guaranteed performance-based
SLAs, facilitating 100-percent accountable and reliable
protection. Standardized, repeatable and predefined services
and asset-based delivery founded on industry-recognized best
practices help optimize service investments. Additional
protection results from simplified contracts, predictable
pricing and access to a broad range of flexible services from
one IT service provider.
Protect existing IT investments. IBM Managed Security
Services are based on a vendor-neutral approach to security
management, which supports a variety of device types from
many vendors. Integrated services delivery allows for the
seamless integration of disparate security technologies, and
together with built-in security intelligence, helps improve
decision making and enhance infrastructure investments.
Enhanced security management is designed to extend the
value of your security infrastructure investments by optimizing
their performance.
Manage compliance better. Through ongoing security
monitoring and documented security policies and procedures,
IBM Managed Security Services helps you improve your
compliance management with government and industry
regulations. IBM holds certifications for some of the industry’s
most complex compliance regulations and can offer the
expertise to assist you in implementing internal and regulatory
controls for a wide range of compliance mandates.
IBM enables integrated delivery of security technologies
required by many regulations, such as firewalls, intrusion
protection systems, vulnerability management, and security
event and log management.
IBM: Delivering confidence, simplicity
and value
Outsourcing your managed security needs helps you to improve
your security stature, reduce operational costs and focus key IT
personnel on core business functions. Central to the success of a
security outsourcing decision is choosing the right provider.
Organizations should seek a provider with a history of reliable
service and financial stability, along with reliable SLAs that
include guaranteed protection. A redundant global network of
SOCs staffed by experienced security specialists and robust, continually evolving set of services can better protect security investments and the enterprise.
IBM Managed Security Services is designed to help organizations benefit from improved operational, financial and strategic
efficiencies across the enterprise and, most importantly, gain the
ability to advance their security management practices.
Companies that choose IBM can quickly gain confidence by
working in collaboration with the world-class IBM X-Force
security team. They also appreciate the simplicity offered by the
IBM Managed Security Services Virtual SOC portal. Just as
important, IBM’s 10 global SOCs deliver consistent, premium
levels of managed security services, offering optimum value for
organizations counting on IBM to support their risk management objectives.
Email IBM
For more information
To learn more about the IBM Managed Security Services, please
contact your IBM representative or IBM Business Partner, or
visit the following website: ibm.com/services/us/iss
­
­ ­
Additionally, IBM Global Financing can help you acquire the IT
solutions that your business needs in the most cost-effective and
strategic way possible. We’ll partner with credit-qualified clients
to customize an IT financing solution to suit your business goals,
enable effective cash management, and improve your total cost
of ownership. IBM Global Financing is your smartest choice to
fund critical IT investments and propel your business forward.
For more information, visit: ibm.com/financing
­
© Copyright IBM Corporation 2014
IBM Corporation
IBM Global Technology Services
Route 100
Somers, NY 10589
Produced in the United States of America
March 2014
IBM, the IBM logo, ibm.com, and X-Force are trademarks of International
Business Machines Corp., registered in many jurisdictions worldwide. Other
product and service names might be trademarks of IBM or other companies.
A current list of IBM trademarks is available on the web at “Copyright and
­
­
trademark information” at ibm.com/legal/copytrade.shtml
This document is current as of the initial date of publication and may be
changed by IBM at any time. Not all offerings are available in every country
in which IBM operates.
It is the user’s responsibility to evaluate and verify the operation of any other
products or programs with IBM products and programs.
THE INFORMATION IN THIS DOCUMENT IS PROVIDED
“AS IS” WITHOUT ANY WARRANTY, EXPRESS OR
IMPLIED, INCLUDING WITHOUT ANY WARRANTIES
OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE AND ANY WARRANTY OR CONDITION OF
NON-INFRINGEMENT. IBM products are warranted according to the
terms and conditions of the agreements under which they are provided.
1A
commissioned study conducted by Forrester Consulting on behalf of
IBM, “Surviving the technical security skills crisis: An assessment of the
current security skills landscape and how to overcome it,” May 2013.
2 Gartner
Research note: “Magic Quadrant for Global MSSPs”–
Kelly M. Kavanagh, February 26, 2014, G00247003
3 Forrester
Research, Inc., “The Forrester Wave™: Information security
consulting services,” Q1 2013, February 2013.
Please Recycle
SEW03026-USEN-02

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz