As I distribute the news of my new startup, Seccom Global ,  I am getting asked why? And why now?   The answer derives from my travels over the last year and a half. I have been to six continents and 28 countries evangelizing both the changes in the threat-scape as well as value proposition of UTM (Unified Threat Management).    I am seeing the beginnings of a confluence of factors all of which point to managed security being the next big thing.   Those factors include:

The threats.  Let’s face it, security is no longer about set and forget firewall rule sets, logs that can be safely ignored, desktop software updates, and vulnerability management.  As cyber criminals come in to their own and even nation states start to attack each other it is becoming harder and harder for the typical IT department to stay on top of the problem.  Concentrated expertise in an MSSP is the answer.

Regulations.  No one can argue that the regulatory environment is going to get any simpler over time. It seems like every data breach results in more calls for laws, and oversight by government.   PCI compliance is most easily achieved through third party oversight and outsourcing of onerous record keeping and controls has already started to accelerate.

Data center consolidation.  The same trend that is driving the virtualization and band width optimization industries (look at the rapid success of VMWare and Riverbed and  yesterday’s acquisition of Packeteer by BlueCoat) is making the connectivity and access from remote offices back to key applications that much more critical. Multiple locations needing reliable, secure connections to those data centers are ideal candidates for outsourced security. 

UTM.   There is a rapid evolution of gateway security towards new technologies that provide full content inspection and the ability to block threats no matter how they are delivered. While the technical press, analysts and old school security practitioners have pooh-poohed UTM as shoddy technology, perhaps justifiable based on some of the vendors claiming to deliver UTM,  the reality is that there truly is demand for solutions that allow vendor consolidation while simplifying management, reporting, and protection.   Cisco, Juniper, and Check Point have fueled the demand for UTM with marketing hype while utterly failing to develop UTM solutions.   New gateway devices are a challenge to the installed base of MSSP’s who have deployed their own favorite tools but have not developed the ability to support UTM devices. 

Take these four factors and add them to the already extant drivers for security outsourcing (lack of expertise, not a core competency, hiring and retention problems) and you have a recipe for a new surge in the security outsourcing market.  

And why now?  The first part of the answer to that is easy.  The rapid changes occurring in the space  have generated the opportunity.  Acting now will ensure rapid growth.  The other part of the answer is related to the economy.  A recession is the best time to start a business that has a value proposition based on reducing capital and operational expenditures for its customers.   I would probably hold off starting an upscale restaurant today. But, leveraging the trends above is an opportunity that should be addressed just when entrenched competitors are cutting back (Verisign is even diversifying away from managed security) and more and more enterprises are looking at the benefits of security outsourcing. 

I have a personal reason for entering the MSSP space as well.  My introduction to security came from my experience at Netrex, arguably the first MSSP.   Netrex (since sold to ISS, since sold to IBM) would install a server running Check Point Firewall-1 in their data center for each new customer at tremendous investment in hardware and licensing fees.  Yet the value was there and I truly enjoyed the connection to the myriad customers as we enabled their business with secure Internet connectivity. It is that closeness to customers that I miss at either a vendor or an analyst firm.   There is no closer commercial relationship than a security service provider to its customer.  Despite contracts and SLA’s it is a relationship that must be renewed and reinforced on a daily basis.  

Of course I will continue to blog here.  An MSSP has unique visibility into threat trends and I will continue to evaluate technology and share my thoughts on industry directions.