Documente Academic
Documente Profesional
Documente Cultură
CHAPTER-1
1.INTRODUCTION
Furthermore there are broader types of information that have safeguarding needs. These include less tangible values such as reputation and public perception of competence, effectiveness and efficiency that may be adversely affected by security failures. These intangible assets may be lost as a consequence of a security failure affecting tangible information assets.
Information can be in any form. It may be printed or written, stored electronically, transmitted by post or electronically, shown on films, spoken in conversation or exist as perceptions. It therefore includes: Documents and papers; Electronic data; The Systems (software, hardware and networks) on which the information is stored, processed or communicated; Intellectual information (knowledge or perceptions) acquired by individuals; and Physical items from which information regarding design, components or use could be derived.
Emergence of complex and closely interconnected business-to-business relationships have made security perimeter around a single firms network disappear. It is being replaced by a network of protected business relationships. The major challenge in such environments becomes the identification of legitimate partner and potential intruders to protect computing resources and business data from unauthorized access.
Enabling, but complex to manage, technologies such as web services further complicate provision of security to enterprise resources. Originally web services were envisioned as a lightweight solution to allow different applications to talk freely; however, it is becoming apparent that for web services to be successful, security issues need to be addressed.
To make matters more complicated, there are now many more technologies that allow making information transfer in and out of a company almost uncontrollable. Use of storage area networks, peer-to-peer communications and instant messaging provide broad opportunities for information transfer and significantly complicate determination of security perimeter. Further, many such technologies are used in telecommuting and telework that are projected to continuously grow as more enabling and collaborative technology evolve. For example, Starner (2003) reported that more than 80% of executives worldwide expect some of their workers to telecommute over the next two years.
Therefore, firms increasingly find that they are unable to manage security of their resources themselves. This has led to one of the most interesting emergent phenomenon the spillover of outsourcing into the area of information security. While counterintuitive, in 2002, 3 - 29% of all European enterprises intended to use managed security services. Outsourcing of security services is an interesting but perplexing phenomenon because firms are often ready to hand over the security of their precious digital assets to outsiders.
Estimates report the current number of companies obtaining security from outside providers to be up to 30% and growing. A compound annual growth rate in the market of Managed Security Services Providers (MSSP) is estimated to be at least 17-20%. The entire market is expected to grow from $1.7 billion in 2007 to 3.2-3.7 billion in 20115-12. In addition, there is significant consolidation in the MSSP market with the number of providers getting smaller while increasing their range of services.
The cost/benefit tradeoffs for MSSP arrangements are still not well understood. The risks of working with MSSP include issues of trust, dependence on outside entity for support of critical
3
functions, and ownership of systems (Allen et al.,2003). However, as Allen and Gabbard (2003) point out, there are multiple benefits that individual firms can derive by using MSSPs:
Cost savings: cost of managed security service is usually lower than hiring in-house fulltime experts. MSSPs are able to spread their investment in infrastructure and people across several clients.
Staffing: shortage of qualified security personnel puts big pressure on companies to recruit, train and retain their security staff. Skills and security awareness: MSSPs have better insight into evolving security threats directly and indirectly because of their focus and wider install base. MSSPs can provide objectivity, independence, liability protection, dedicated facilities, 4 and round-the-clock service.
While current MSSPs focus on their relationships with government entities and large companies, benefits of managed security services are also appealing for small and medium size companies due to relative amount of resources that they have to commit to security operations. Thus, MSSP service offering is attractive to a wide range of organizations and study of MSSP markets has real practical value.
In this report I explore the structure of the MSSP market as well as its formation process and stability. We primarily try to identify whether there are indeed economic benefits for firms to hire external entities to manage their security. I observed the economic incentives that lead to particular choices in security outsourcing.
For example, service provider will show that it may be beneficial for firms to join larger groups (MSSP networks) just to hide themselves from potential attacks among other targets. We compare two different types of ownership structures for MSSP:
4
A consortium based approach where several companies join hands to pool their resources to collectively provide security for their computing resources; and When a MSSP is a for-profit provider who manages security for a group of firms.
Another related issue concerns the form of ownership of a MSSP network. Given the B2B relationships that companies have with each other it would seem that a consortium based approach may be appealing. However, we show that firms may have better incentives for joining a for-profit MSSP, especially initially when network size is small. We also identify conditions under which profit-oriented proprietary MSSPs may have larger size than consortium operated MSSPs.
computers source code and any breach of confidentiality and privacy obligations by a person havingpowers under the IT Act. Data Protection and Property Rights Article 300A of the Constitution ensures the right not to be deprived of property except by authority of the law. However, this right can be claimed only against the State and not against private individuals or employees. Further, the data in question has to be regarded as property. The Copyright Act, 1957 (Copyright Act) protects Intellectual Property rights in literary, dramatic, musical, artistic and cinematographic works. The term literary work includes computer databases as well. Therefore, copying a computer database, or copying and distributing a database amounts to infringement of copyright for which civil and criminal remedies can be initiated. However, it is difficult to differentiate between data protection and database protection under the Copyright Act. Data protection is aimed at protecting the informational privacy of individuals, while database protection has an entirely different function, namely, to protect of the creativity and investment put into the compilation, verification and presentation of databases.
CYCOPS is founded by industry professionals with a vision of delivering effective managed security services and solutions to organizations of all sizes. CYCOPS has since gone on to provide its business oriented security offerings to a list of steady growing clientele. CYCOPS provides professional security services using established information security standards to both private and public sectors. We are an Information security solutions partner to business and
6
government. CYCOPS broad range of strategic solutions, services, and expertise can help you improve infrastructure and application performance; secure your data wherever it is, create a collaborative environment, and connect with your customers, partners, suppliers, and employees when and where you need to.
CYCOPS provides information security solutions to customers in a wide variety of industries including manufacturing, healthcare, banking, environmental response, consumer products and technology offering a three-tiered solution that combines managing, monitoring and maintaining network security. CYCOPS has been providing services and solutions to Data Centers, Telecommunication sectors and Internet Service Provider markets. CYCOPS provides turnkey independent and managed solutions, focusing on information technology and security, including compliance with ISO 27001, HIPAA, BS7799, COBIT and PCI DSS. CYCOPS has partnered with various companies across the world to enable complete 24/7 monitoring of systems such as firewalls, intrusion detection/prevention, and VPN solutions, as well as staffing knowledgeable people.
CYCOPS provides security solutions to customers in a wide variety of industries including manufacturing, healthcare, banking, environmental response, consumer products and technology offering a three-tiered solution that combines managing, monitoring and maintaining network security. With a serious commitment to the individual customer relationship, we specialize in configuring and monitoring each system to meet the specific security needs of each customer.
CYCOPS strives to foster long-term relationships in partnership with client organizations in order to effectively develop unique security solutions based on specific business and operational requirements. They assist or advise our clients on continuous identification, correction, maintenance and management of mission-critical security systems and data protection. Through this process our clients consistently benefit from our expert knowledge and skills.
CYCOPS continuously remain abreast of developments in the IT industry evaluating new products for suitability in our clients businesses and recommending upgrades to our software suppliers. They also focus on improving our value-added services to clients either by expanding
7
existing services or introducing new ones, in response to market needs and client requirements. CYCOPS staff skills range from programming to in-depth knowledge of large corporate networks, fire-walling and security on all operating system platforms. A pro-active skillsdevelopment program ensures that staff receives extensive training so that their knowledge and technical expertise remains current.
1.4 VISION&MISSION:
MISSION: To be a premier Information security Research and Development center and to excel in the development of India as a secured nation. VISION: To lead and inspire, through excellence in training and research the education and development of a Secured Nation.
G. LAKSHMIKANTH REDDY: He is an expert in computer forensics, web application security, shell coding etc. He is been performing pentests for many organizations and has been training corporates and students for four years now. He has also been to Tanzania to train the Tanzanian Revenue Authority in ethical hacking and computer forensics.
G. JUSTIN: Around four years of diversified professional work and experience in Information Security, Attack and Penetration, Forensic Investigations, Reverse Engineering along Wi-Fi Architecture & security, Incidence Response with implementation experience in e-security products and networking products in multi-platform environments.
NAVEEN KUMAR SINGH: He has an experience of three years in security pertaining to concepts of network security, pentesting, wi-fi security, rfid. He also has been training corporate and students on security. He has been speaking about Information security with the media and also at conferences as the one conducted by Manipal Institute of technology (M.I.T). Worked on advanced concepts like WIMAX security and Mobile adaptive routing.
RAVI KUMAR CH: Ravi Kumar CH is an IT Consultant, having 18+ years industry experience. He worked with companies like HCL Hewlett Packard & Accel Frontline and served Defense, Education and Manufacturing verticals. He Holds a PG Diploma in Marketing
We combine our broad range of services,trainingns and expertise to help some of the world's best organizations and governments - meet the challenges of their increasingly extended enterprises. We can help you: Improve accuracy and responsiveness. Reduce administrative overhead and cost of maintaince.
9
Improve security analysis, controls, and audit capability. Reduce downtime. Minimize employee misuse of Internet and other resources. Our goal is to help you setting up heighest level of security for your extended enterprise. To lead and inspire, through excellence in training, services, Awareness and research towards the development of India as a SECURED NATION
1.6 VERTICALS:
Cycops spreads its business majorly into four verticals : Training Services Research & development Awareness
Cycops has trained both corporate and Law enforcement departments. Below are few of Cycops training experiences: Trained state cops (Intelligence Department) in catching Cyber Criminals. Trained State Cybercrime department in Crime Investigation techniques. Trained Tanzanian Revenue Authority on Ethical Hacking & Computer Forensics Investigation. Trained corporates like HSBC, GENPACT, GOOGLE, IBM, Kennametal,CtrlS, Adept Technologies etc Seminars on Information security and Ethical Hacking has been given at places like GMRs National conference, MIT (Manipal institute of Technology) etc Have experience in deploying IS services at defense organizations like (RCI, MCEME, Radiant Global, Inc. etc)
10
The following are the fields in which training is provided. Introduction to Information Security Penetration Testing & Ethical Hacking OS Hardening Forensics Investigation Shell scripting & Programming basics Reverse Engineering Malware Analysis Reversing Applications Wireless Security RFID Bluetooth Designing and Implementation of Firewalls & IDS/IPS Log Analysis Incidence Response Public Key Infrastructure
As a part of their services vertical Cycops offer individual services like VULPEN (Vulnerability Assessment & Penetration Testing) SACT (Security Audit & Compliance Test) SADI (Security Architecture Design & Implementation) Decontamination Wi-Fi Security COFOIN (Computer Forensics Investigation)
Another major service of Cycops is its fully managed end to end security solution including design, implementation, service and project management known as FINS (Framework on Information Security)
11
VULPEN:
The automated vulnerability scanning solution provided by CyCops Security helps to ensure the security of your external facing network devices by providing timely and up to date vulnerability scans. Scanning CyCops Security uses two of the world's leading scanning products to provide the automated scanning solution. Both of these products are network-based scanners that can detect vulnerabilities on all networked assets, including servers, network devices, peripherals and workstations.The scans include checks for thousands of security vulnerabilities and are regularly updated as new vulnerabilities are announced.
NETWORK MAPPING:
An optional network mapping component can be included in the package that will review your external network and report on which IPS are active and detect any changes in your external facing network.
SCAN ANALYSIS:
An optional component can be included which provides analysis of the reports by a CyCops Security team member to highlight and quantify the risk of issues reported.
KEY POINTS:
Provides a higher level of security assurance than snapshot 'point in time' vulnerability scans Both of the backend
scanning products are approved PCI scanning vendors and can be used for PCI required network scans
Customized reports range from summary executive reports through to full technical details reports Scan data is kept secure at all times, and reports are delivered in a secure manner
12
PENETRATION TESTING:
Penetration testing simulates an attacker attempting to gain access to a specified target server or application. A penetration test involves the use of automated testing tools as well as manual test methods to review the security from an external or internal perspective.
REVIEW INCLUDES:
Attempted unauthorized access to applications, user data, services or internal network devices Credential brute forcing and password guessing Researching previously undiscovered vulnerabilities Testing for all known web application vulnerabilities Vulnerability assessment and network service review Increasing The Value of Penetration Testing is a presentation and white paper, which explains how you as a customer can gain more value from penetration testing.
13
14
Our service on Security Architecture designing and OS hardening will make you understand the process considerations; to organize architecture and actions toward improving enterprise security. Our Security Architecture design mainly concentrates on four sectors: Network security Host security Application security Data security
DECONTAMINATION:
Businesses around the world are being squeezed by the economic downturn, and the uncertainty facing them is compounded by significant risks due to data leakage, data loss and outside attacks, all of which have increased significantly over the past year. Do you know that an Antivirus company detects an infected system every 4.5 seconds? Do you know that 80% on internet of the loss caused because of Malware (Virus, Worms, Trojans, Keyloggers, Backdoors, Rootkits etc..)? If yes what steps are you taking to come across this kind of problems? What are your information security strengths and weaknesses? Are you protecting your most important business assets? A Comprehensive Security Decontamination performed by CyCops Professional Services can help you evaluate your current security problems regarding malware, so that you can take the next steps to reinforce your defenses.
We at CyCops are committed to helping you make viruses and spyware historyby assisting you over the personal visit to your home or from the convenience of your own home or office you can speak with one of our CyCops professionals, trained in different
15
We at CyCops realize that your computer is a tool. It exists to help you get things done more efficiently and with increased productivity. But when your computer is not functioning properly due to viruses or spyware problems, it can feel more like a headache than a tool to bolster productivity. Thats why we will assist you in completely removing all viruses and spyware from your computer. And afterwards, our experts will provide you with the tips and tricks you need to know about keeping your computer free from malicious programs in the future. We know that problems come in all sizes and shapesthats why we charge by the call. With no minimum charge, there is never a problem too small and we can assure you that our professionals will isolate your problem and help you fix it in the least possible time.
16
Secondary Objective: To find the importance of MSS &how it is useful to the business in global market To find out the benefits of managed security services To identify the major factors influencing the managed security services recommendations for managed security services
17
This study gives knowledge regarding to how to secure the important data.This is useful not only for officials who is having partial idea about security but also for individuals who does nt have idea about security and also to analyze the major factors influence the growth of the industry. And also to forecast the future of information security industry.
18
CHAPTER-2
19
SECURITY: Protection with respect to intended attacks, data spying, corruption SAFETY: The condition of being protected from or unlikely to cause danger, risk, or injury: "they should leave for their own safety".Protection with respect to dangerous errors of technical systems. SECURITY GOALS: CONFIDENTIALITY:
Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred. Breaches of confidentiality take many forms. Permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it could be a breach of confidentiality. If a laptop computer containing sensitive information about a company's employees is stolen or sold, it could result in a breach of confidentiality. Giving out confidential information over the telephone is a breach of confidentiality if the caller is not authorized to have the information. Confidentiality is necessary (but not sufficient) for maintaining the privacy of the people whose personal information a system hold
20
INTEGRITY:
In information security, integrity means that data cannot be modified undetectably.This is not the same thing as referential integrity in databases, although it can be viewed as a special case of Consistency as understood in the classic ACID model of transaction processing. Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality. AVAILABILITY:
For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks. AUTHENTICITY:
In computing, e-Business and information security it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine. It is also important for authenticity to validate that both parties involved are who they claim they are. NON-REPUDIATION:
In law, non-repudiation implies one's intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction. Electronic commerce uses technology such as digital signatures and encryption to establish authenticity and non-repudiation. THREATS: Interception: an unauthorized party gains access to service or data. e.g: conversation eavesdropping, illegal copying of data
21
Interruption: services or data become unavailable, unusable, destroyed, etc. e.g:. data is corrupted or lost, denial of services
Modification: unauthorized tampering of data or services e.g:. changing transmitted data, altering database entries
INTRUSION PREVENTION:
With the increased complexity and sophistication of todays security threats, a firewall is not enough to keep todays networks safe. The Intrusion Prevention service constantly monitors network traffic for any potential threats to network data. Leveraging a continually updated IPS signature database, CYCOPS provides real-time, reliable protection from network and application attacks such as worms, viruses, Trojans, DoS, DDoS, SQL injections, and other blended threats without any degradation of network performance. The Intrusion Prevention service blocks known attacks that dont violate protocol standards or behavioral rules but carry malicious content. It offers proactive protection against zero day attacks and eliminates the window of vulnerability for new and emerging threats when signatures are not available. Spam Tracker Detecting and managing spam is a constant problem for businesses. Its a burden to employees, resulting in lost productivity and frustration. It also clogs email servers, slows network performance, and increases management costs associated with storing and maintaining unwanted email.
The Spam Tracker service automatically detects and manages spam in real-time on enduser desktops and laptops. Once the spam is identified and tagged, it can be directed to a separate email folder, saving your employees time and your business money.
22
Anti-Virus/Anti-Spyware
CYCOPS Anti-Virus/Spyware service provides real-time protection against worms and spyware from both inbound and outbound security threats. CYCOPS leverages a continuously updated list of anti-virus signatures to provide multi-layer defense from known viruses as well as new, unique outbreaks. We provide predictive defenses and complementary responsive techniques to stop these threats as soon as they emerge on the Internet.
CYCOPS Anti-Virus/Spyware service stops unwanted malware before it reaches a network. It minimizes network disruptions from virus and worm outbreaks and responds more effectively to fast-spreading attacks than traditional point and host security solutions. Even if an organization already has an Anti-Virus client deployed, an extra layer of security provides better protection from malicious traffic.
Firewall: A robust firewall is imperative for any business network as a first line of defense against intrusions and other threats. The CYCOPS Managed Firewall filters network traffic, allowing good traffic to pass while blocking potentially harmful traffic. This cost-effective, managed solution protects against unauthorized users, dangerous protocols and common network layer attacks without any impact on network performance.
CYCOPS Managed Firewall is available in Basic Firewall for small businesses and branch offices and Advanced Firewall configurations for medium to large businesses. If a company already has a firewall onsite, CYCOPS managed services can work in conjunction with the existing firewall and equipment, giving additional protection a firewall alone doesnt provide.
23
2.2PERIOD OF STUDY:
I have employed with Cycops India (P) Ltd. from 13/06/2011 to 06/08/2011. I had joined the organization as an intern, worked in the position of management trainee in the operations department. During the tenure, I have worked on a Managed Security Service project headed by Mr. Krishna Chaitanya, Founder & Managing Director and Manager for the client Everyday's Option. My major responsibilities were establishing a channel of communication, set policy, collect requirement from the client, documentation of the Standard Operating Processes etc. I was able to contribute to the optimum and meet the expectations of the organization. The period of study is for two months, from 13 June to 06 Augest 2011
24
CHAPTER-3
25
The MSSP market size eclipse $4 billion. Forrester estimates the global size of the managed security services market to be $4.5 billion, which includes out sourced and SAAS security services as well as other annualized security operations.
Mergers and acquisitions enhance current capabilities. The recent acquisition of VeriSign MSS by SecureWorks and the previous acquisitions of Counterpane, Cybertrust, and ISS have all been fairly successful at not just growing the MSSP market share for the acquirers but also at providing the financial wherewithal to invest in areas such as threat intelligence and to build new and enhanced services.
26
Partnerships expand international presence. Another trend is companies expanding beyond the traditional geographic boundaries to serve an increasingly global client base. Recent announcements of Solutionary partnering with e-Cop in Singapore and Secure Works acquiring DNS point to this trend.
A few years back as companies grappled with IT outsourcing it was safe to assume that the IT security organization was exempt because, as many chief information security officers (CISOs) told us, We would never outsource security. Guess what? Today, one in four now outsource their email filtering, and another 12% are very interested in doing so in the next 12 months. Another 13% already outsource their vulnerability management a treasure trove for potential hackers and an additional 19% say they are very interested in doing so in the next 12 months. Although security spending stayed flat for the most part in 2009, Forrester estimates that the managed services market grew by roughly 8%.
As per 2008 Yankee report, the global market for managed security services is around $9 bn and is growing at a rate of 26% y-o-y. APAC contributes around 35% of the market share, in which India, China and Japan are the key contributors. Therefore, opportunity is huge. Keeping these calculations in mind, we assume that the market size in India should be approximately, $400 mn, says Sunil Bhatt, CTO, Allied Digital. The Market India being a growing economy, the domestic market is evolving very fast. Its not just the large corporate but the SMEs as well who are embracing managed security services in a large scale today. With IT being the backbone of most businesses, it is of utmost importance to secure the environment and protect the infrastructure. With recent cases of hacking, frauds coming into the light, information security has become a pressing concern for CIOs. Many organizations report financial losses due to security breaches resulting in business loss. There is therefore, a growing demand in the enterprises to effectively monitor, detect, report and respond not only to the new security threats, but also to the existing
27
vulnerabilities in corporate IT systems and applications. Additionally, compliance and regulatory requirements are making it compulsory for the enterprises to adapt to latest security technologies and services, to safeguard their core business interest. Present Competitors IBM HCL TCS Verizon Business RCOM
One company can be classified as being the Next Generation of Managed Security Services. That company is ISS (Internet Security Systems). They are providing a new standard of accountability, whereas they are actually guaranteeing protection against Internet threats. Currently, they are the only MSSP in the industry offering a guaranteed protection solution. How can they do this you ask? They provide a solution that goes beyond simple event monitoring and device management, by offering a money-back guaranteed performance based Service Level Agreement (SLA). They are also providing the industry's only Managed Security Services protection warranty, providing customers with a $50,000 cash payment in the event of a security incident. This ensures 100% accountable, reliable protection.
28
With all of the successful attacks that a typical organization experiences on a day-to-day basis, how can an MSSP afford to provide such a service as a money back guarantee? The answer ISS has come up with is to address this concern, is "Intrusion Prevention".
Intrusion Prevention takes a preemptive approach to security. It is the next level to Intrusion Detection and Firewall perimeter defense. The devices in an Intrusion Prevention system are able to detect and block malicious activity, using sophisticated network analysis techniques and attack signatures. They have the ability to take action against attacks, such as worm outbreaks or malicious insider activity, and help to reduce the impact of fast moving or difficult to detect threats. One device that has had recent success in this department is the Proventia devices by ISS (Internet Security Systems). This suite of products offers a turnkey solution to layered security. It has the capabilities to offer firewall, intrusion detection, intrusion prevention, antivirus, and content filtering, all in one hardware appliance. In turn this device can not only detect attacks, but can stop them before any damage can occur to your infrastructure. It also has the capabilities of doing vulnerability assessments on the fly. It detects when a new device has entered the network and performs active and passive scanning that gives you a real-time picture of your security
29
CHAPTER-4
30
4.MARKET:
The gartner group estimates that more than 70 percent of all vulnerabilities discovered are internal and at application layer. And our experience shows that nine out of ten custmores have at least one serious hole that could lead to customer data disclouser or total system compromise. The CYCOPS penetration testing service looks at a web site from the perspective of a malicious hacker and finds the holes before they can be exploited. Targeting segments: Here the company mostly targeting on three major segments. Those are listed below: Corporate segment Small office home office segment(SOHO) End users
31
There are significant task and resource (labor) requirements when creating a secure computing environment. The tasks and resource requirements are realistic for any size company that truly values business continuance, wants to reduce the administrative burden of worms and viruses, and who needs to minimize the threat of unauthorized access. Without the proper attention to the above tasks, it is not a matter of if a security-related event will affect the business, but when
The following chart reflects some high-level benefits and assumptions associated with the minimum security program, a typical state-of-the-art program, and an accurate comparison to an outsourced Managed Security Service Provider.
There are significant task and resource (labor) requirements when creating a secure computing environment. The tasks and resource requirements are realistic for any size company that truly values business continuance, wants to reduce the administrative burden of worms and viruses, and who needs to minimize the threat of unauthorized access. Without the proper attention to the above tasks, it is not a matter of if a security-related event will affect the business, but when
The following chart reflects some high-level benefits and assumptions associated with the minimum security program, a typical state-of-the-art program, and an accurate comparison to an outsourced Managed Security Service Provider.
Security Program Requirements Staffing Requirement Staff Experience Monitoring & Response Administration Backup & Recovery Vulnerability Testing
In-house Minimum Security 1 Employee Junior - Mid. Level 9AM 5PM 9AM 5PM Business Hours Perhaps? / NonProfessional
In-house State-of-the-Art 6 Employees 24x7x365 coverage) Mid. Level * 24x7x365 24x7x365 Immediate Quarterly / Professional
Outsourced Security Service Outsourced Security Team Expert 24x7x365 24x7x365 Immediate Quarterly / Professional
32
Recent studies indicate that 62% of small businesses are marketing their products and services online through Internet tools, such as websites, search engine optimization, banner advertising, and email marketing. Internet marketing can be a time and cost-saving supplement to your overall marketing strategy.
Imagine being able to tap into the global marketplace from the convenience of our home office. Imagine reaching a much wider audience, quickly measuring the results of your marketing efforts, and having the ability to readily and cost-effectively adapt to changes in the marketplace, all with the click of a mouse. The Internet now makes this possible. And, as more small businesses go online, the Internets influence on marketing grows significantly each year. In 2005, Internet sales revenues are likely to surpass USD $133 billion worldwide.
INTERNET MARKETING
Internet marketing is the component of marketing that deals with the planning, pricing, promotion, and distribution of your products and services online. Good Internet marketing strategies clearly communicate a firms unique selling proposition, or the unique collection of benefits that creates value for its customers.
Everything you do to promote your business online is Internet marketing. For example, Internet marketing strategies include (but are not limited to) website design and content, search engine optimization, directory submissions, reciprocal linking strategies, online advertising, and email marketing.
33
Benefits The Internet is the widest channel of communication available to small businesses. It can help level the playing field for small businesses on a limited budget that seek to compete in large markets. No other communications medium enables you to operate a business from your home, while giving a small business the appearance of a larger, more established operation. Marketing your product or service online offers the opportunity for increased communication with your target market through techniques such as interactive websites, email newsletters, online surveys and forms, blogs, and discussion groups. The Internet allows you to collect immediate feedback from your client base with little out-of-pocket expense. Print marketing materials and advertising strategies can be expensive to produce and traditionally have a short shelf life. Internet marketing techniques such as websites, banner ads and email newsletters, can be produced at a reasonable cost, can contain more timely information than print brochures, and can be immediately and costeffectively updated as your business changes. Global Approach: Internet market allows us to serve an extensive portfolio of clients worldwide
Web Site marketing strategies Website Development & Search Engine Optimization (SEO) Submitting your Site to Search Engines and Directories Growing Inbound Links Online Advertising Models Publishing on Third-Party Websites Permission Marketing Using Email Business Blogs Affiliate/Referral Programs
34
` DEVELOPMENT REQUIREMENTS
Designing and building a website is only one aspect of bringing your business online. With billions of websites on the Internet, its just as important that you ensure people can find your website. And, since most website traffic still comes from search engines and directories 98% of Internet users claim they use search engines regularly you may want to focus your initial web marketing efforts on search engine optimization. The Internet is not the pot of gold at the end of the rainbow. It takes time, dedication and skills to be successful online. Without a solid business model, the skill set to effectively market and sell your product or service online, and a carefully planned marketing strategy, you will have little chance of succeeding online.
Search engines such as Google and Yahoo index billions of web pages and rank them according to complex algorithms that assess a pages accessibility, its relevance based on specific search terms or keywords, and importance indicated by the number of sites that link to it. Search engine optimization (SEO) refers to the work that is done to a website to ensure it gets noticed and ranked highly by search engines. Ideally, you want to strive for a top ten ranking, because studies have shown that most search engine users dont scroll past the first page of results.
Keep in mind, SEO is not an exact science, and as such, SEO specialists often use slightly different methods. That said, generally, SEO includes: Building a website using search engine friendly coding techniques that minimize the use of Flash and frames Researching appropriate search terms called keywords or keyword phrases that fit the target market Incorporating keyword-rich content into a websites domain name, meta tags, title tags, alt tags, headings and overall content, and ensuring that content is updated regularly. Submitting the website address to search engines Developing a reciprocal linking strategy with other websites to grow quality inbound links to the site
35
CHAPTER-5
36
5.FINDINGS,SUGGESTIONS&CONCLUSION 5.1FINDINGS:
In future the growth of information security industry will be higher. In Hyderabad cycops is the leading information company cost of managed security service is usually lower than hiring in-house full- time experts. MSSPs are able to spread their investment in infrastructure and people across several clients. shortage of qualified security personnel puts big pressure on companies to recruit, train and retain their security staff. MSSPs have better insight into evolving security threats directly and indirectly because of their focus and wider install base. MSSPs can provide objectivity, independence, liability protection, dedicated facilities, 4 and round-the-clock service. While current MSSPs focus on their relationships with government entities and large companies, benefits of managed security services are also appealing for small and medium size companies due to relative amount of resources that they have to commit to security operations. MSSP service offering is attractive to a wide range of organizations and study of MSSP markets has real practical value. A compound annual growth rate in the market of Managed SecurityServices Providers (MSSP) is estimated to be at least 17-20%. The entire market is expected to grow from $1.7 billion in 2007 to 3.2-3.7 billion in 20115-12. In addition, there is significant
37
consolidation in the MSSP market with the number of providers getting smaller while increasing their range of services.
The cost/benefit tradeoffs for MSSP arrangements are still not well understood. The risks of working with MSSP include issues of trust, dependence on outside entity for support of critical functions, and ownership of systems (Allen et al.,2003).
It is suggested that the organization can recommend its customers like individuals employees,software officials to know the need of information security. Trained and experienced hands should be employed in infrastructure to the customers. It suggested that organization can recommend all organizations (small,middle,large) to create new infrastructure by using information security policies inorder to keep the companiess data safely. The customer should forecast the need of security while fixing the safety equipement. The reason you're buying a firewall is because you're network's hardware and software isn't secure and that functionality should be embedded in your network. So, the future of security doesn't have it disappear, but it becomes embedded into the products you buy into your operating system, into your networking, and as you buy larger things, security stops being a separate thing you buy and instead becomes a component of everything you buy. The customer should get the security services from information security company which has more good will and more potentiality. company to high security
38
5.3 CONCLUSION: In the ever changing world of Information Technology, the faster the changes take place, the greater the threats will become. Hence, Information Security has never been more important than it is today, and it will only become more important in the future. A company needs to consider security needs to their network as a first priority. With that being said, the best option today for securing your infrastructure is through outsourcing. While outsourcing functions of a business (in general) is advantageous in many ways, outsourcing security functions has now become vital.
The benefits of Managed Security are a huge plus to any company today. But with the new services that MSSPs are offering and will start to offer well into the future, the managed security solution has gone way past being a luxury, and has now become a necessity.
In this report we examine the economic rationale for MSSP networks, i.e., to provide an economic rationale for why firms may choose to outsource security. Our results demonstrate that there are multiple interplaying factors that define attractiveness of MSSP networks to potential customers. The desire of firms to join a MSSP network to pool risk may be outweighed by the substantial start-up costs required under a consortium based approach. We also examine the growth and structural characteristics of optimal networks under a consortium based market structure and under a for-profit MSS provider, representing a monopolist setting. We identify the existence of critical mass problem in the formation of viable MSSP networks and suggest approaches that help overcome the critical mass problem. We show that our approach to overcome critical mass problem is optimal since it supports the minimum feasible initial network size for a feasible consortium based MSSP network. We define optimal growth strategies and economic rationale for viable MSSP networks under a consortium based approach and profit maximizing approach. Since joining a profit maximizing provider has less risk during the start-up as compared to consortium where an initial investment may be required, our results provide economic rationale for the observed phenomena of existence of more for-profit seeking
39
MSSP networks as compared to MSSP consortia. We also show that a for-profit provider may achieve larger network size than a consortium. APPENDICES: MANAGED FIREWALL A robust firewall is imperative for any business network as a first line of defense against intrusions and other threats. The CYCOPS Managed Firewall filters network traffic, allowing good traffic to pass while blocking potentially harmful traffic. This cost-effective, managed solution protects against unauthorized users, dangerous protocols and common network layer attacks without any impact on network performance.
CYCOPS Managed Firewall is available in Basic Firewall for small businesses and branch offices and Advanced Firewall configurations for medium to large businesses. If a company already has a firewall onsite, CYCOPS managed services can work in conjunction with the existing firewall and equipment, giving additional protection a firewall alone doesnt provide.
INTRUSION PREVENTION
With the increased complexity and sophistication of todays security threats, a firewall is not enough to keep todays networks safe. The CYCOPS Intrusion Prevention service constantly monitors network traffic for any potential threats to network data. Leveraging a continually updated IPS signature database, CYCOPS provides real-time, reliable protection from network and application attacks such as worms, viruses, Trojans, DoS, DDoS, SQL injections, and other blended threats without any degradation of network performance. The Intrusion Prevention service blocks known attacks that dont violate protocol standards or behavioral rules but carry malicious content. It offers proactive protection against zero day attacks and eliminates the window of vulnerability for new and emerging threats when signatures are not available. Spam Tracker
40
Detecting and managing spam is a constant problem for businesses. Its a burden to employees, resulting in lost productivity and frustration. It also clogs email servers, slows network performance, and increases management costs associated with storing and maintaining unwanted email.
The CYCOPS Spam Tracker service automatically detects and manages spam in real-time on enduser desktops and laptops. Once the spam is identified and tagged, it can be directed to a separate email folder, saving your employees time and your business money. Anti-Virus/Anti-Spyware
CYCOPS Anti-Virus/Spyware service provides real-time protection against worms and spyware from both inbound and outbound security threats. CYCOPS leverages a continuously updated list of anti-virus signatures to provide multi-layer defense from known viruses as well as new, unique outbreaks. We provide predictive defenses and complementary responsive techniques to stop these threats as soon as they emerge on the Internet.
CYCOPS Anti-Virus/Spyware service stops unwanted malware before it reaches a network. It minimizes network disruptions from virus and worm outbreaks and responds more effectively to fast-spreading attacks than traditional point and host security solutions. Even if an organization already has an Anti-Virus client deployed, an extra layer of security provides better protection from malicious traffic.
WEB FILTERING
An easy way to enforce Internet usage policies, CYCOPS Web Filtering service is continually updated to ensure policies include the latest threat protections. The service includes: Content Filtering: Blocks access to Internet sites by category content White List / Black List Filtering: Allows or denies access to selected web sites.
Separately or in tandem, these services help organizations achieve a balance between managing employee Internet access and enforcing Internet use policies. The result is improved employee
41
productivity, decreased risk of legal liability from employee Internet activity, and optimal use of IT resources. PERSONAL PROTECTION SUITE CYCOPSs Personal Protection Suite provides managed protection for a companys entire distributed workforce by defending and protecting all computers and corporate resources from malicious attacks with the following layers of fully managed security on all the devices that connect to a companys network: Data Loss Prevention (DLP) Content control solution to monitor and prevent data loss across your network. Safeguard intellectual property, customer information and proprietary data in motion, at rest and in use. Gain immediate visibility and control over the unauthorized release of confidential information Comprehensive security platform for the entire enterprise CYCOPSs DLP Management Center provides executive dashboards, powerful event search and archiving. The CYCOPS Personal Protection Suite provides industry-leading security features and the benefits of a fully managed service. Theres no equipment to buy so no capital expenses and only a nominal recurring fee. CYCOPS provides installation, configuration and deployment support, as well as ongoing management and maintenance, including automatic updates. This highly secure, fully managed and integrated solution saves time, money and IT resources while reducing the number of threats to your network.
42
BIBLIOGRAPHY: Books:
L.M. Applegate, R.D. Austin and F.W. McFarlan Corporate information strategy and management (7th Edition). McGraw Hill, 2007. P. Bocij, A. Greasley and S. Hickie Business information system (4th Edition). Prentice Hall, 2008 D. Boddy, A. Boonstra and G. Kennedy. Managing information system strategy &organisation (3rd Edition). Prentice Hall, 2008.
43
Websites:
www.cycops.co.in www.google.com
44
45
46