OCTAVE – Operationally Critical Threat, Asset, and Vulnerability Evaluation
July 29, 2024Small Sampling Market Analysis
Requirements Summary
Customer Opportunities:
- Strategic Customer
- Market Profile
Changes from prior version
- Market Segments
- Information
- Access
- Size
- Distribution
- Spending
Commercial Enterprise
The following are the vertical market segments which are currently exhibiting receptivity to security messages.
- Banking: large multinational banks such as Citibank, Bank of America, US Bank, Chase, Well Fargo and Bank One
This market’s information assets are highly proprietary as it is primarily not their information, but their customer’s that is so pervasive. Additionally, access to this information is readily available to nearly every employee. This market represents only the larger banks which are highly distributed organizations. Additionally, the banking market was the first to appoint a Chief Security Officer showing a strong commitment in spending habits to logical-security.
- Financial: companies such as American Express, Bear Stearns, Merrill Lynch, and Bloomberg
This market’s information assets are also a high percentage of customer information but additionally include information governed by the FTC, SEC and other government agencies which levy hefty penalties on mishandling of certain information assets. This market represents large organizations that are very distributed, being driven by the need to centralize trading while having customer contacts on a local basis.
Spending is high as this market is only viable if the information assets are shared in real-time. This has established spending patterns that focus premiums being paid for some of the most stringent level-of-service agreements in any market.
- Insurance: insurance companies such as State Farm, Farmers, Prudential, and USAA
This market has a deceptive title because while the majority of its business is in insuring people and property, this market also handles massive investments in order to do business. These organizations hold highly sensitive information about their customers and their customer’s property and that information is available on a regional basis to a large number of people in the organization. The size and distribution of this market is great as there is both the need for centralization as well as customer contact on a local basis. Spending in this market is traditionally conservative and lower than average as a percentage, favoring regulatory controls. But, this size of the security budgets in these massive organizations is still a desirable target. - High-Tech: technology companies such as Intel, Microsoft, Nortel, Cisco, Amazon, Google and Intuit
Information assets are the core of the business for high-tech companies. Especially in software organizations, information assets are used by employees on a daily basis to do their jobs. Purely hardware companies will have a much lower percentage of people who have access to proprietary information but the competition for profitability in the hardware specific markets are much more volatile. An additional indicator unique to the high-tech market is that it is also the market with the greatest number of people as a percentage who are likely to have the knowledge to steal of export information assets. The high-tech market is stereotypically a high spender for information technology as that is the keystone of their organization.
It is noted that with current legislation in the Health Care market the need for securing information assets is gaining attention.
While this market has highly proprietary information which is widely accessible, the size and distribution of most health care organizations does not compare to other markets. While technology spending in health care is high as a percentage of revenues — spending on information technology and security technology is lower than in the other verticals previously explained.
Service Providers: Service providers are target as the secondary market opportunity, following the commercial enterprise closely. This market includes Application Service Providers, Managed Service Providers and Managed Security Service Providers — referred to as hereafter jointly as the *SP market. As the *SPs primary business is in providing myriad service which handle or protect information assets there is a greater sense of propriety among the *SPs than in the markets they support. *SPs represent the extreme example of a distributed environment.
The *SPs are target all sizes of organization but are finding short term wins in the small-to-large size markets as they are less likely to be able to or willing to commit the resources required for logical-security. Service providers live and die by customer perception of the service they provide. Perception plays a large part in maintaining existing business and generating new business. Security breaches in the service provider arena compromise a customer’s trust. Minimal downtime, and maximum performance per dollar spent are the key factors that influence this market.
One of the largest growth segments in the industry at this time is the “Security as a Service” market. The lack in skilled information security professionals in the market has lead to the emergence of providers offering managed security service. In this market there is a defined need for security solutions that are capable of being centrally managed while operating in a massively distributed environment.
Granular control and segmentation of security policies by customer are critical to addressing this sector. This market also provides a desirable market presence and route to market share dominance to help motivate other markets and customers.
Government Enterprise: As a market for network security the government enterprise generally rates the highest as they have a mission critical need for information assurance and defensive information warfare has received attention at the highest levels, including legislation sponsored by the President. For this release the government enterprise is an exception because this is a first release product and will not receive the certifications and validations required for a full fledged push into the constipated government decision making process.
For this first release it is anticipated that the government revenue for this product will be primarily on pilot-programs or through state and educational programs. Government agencies and departments, however, offer very large install bases and once accepted into a program or once certification has been achieved it becomes much easier to compete. The amount of proprietary or sensitive information within governmental agencies is very high. Large networks installed in organizations such as the US Army provide excellent opportunities for distributed security solutions.
The components which add the most security risk to the network are desktop PCs which have multiple access possibilities, from USB connections to myriad I/O devices — all under end-user control. The end-user control is ultimately what makes desktop systems an insecure device. The possibility of the PC being improperly configured, access devices being used inappropriately, or when unauthorized devices are connected to the PC, all introduce a possible security risk to the enterprise.
While access can still be restricted, it has become much easier for an individual or group to attempt to obtain access to information of a proprietary and sensitive nature. It takes commitment, effort and typically a large risk to attempt to breach physical security; it takes only curiosity, time, and a connection to the Internet to probe a network and initiate a threat.
Channel Segments
- Direct to Enterprise
- Corporate Resellers
GSA
- Service Providers
- Integrators
- Value Added Resellers (VAR)
Retail
- Mail Order
- Internet
- Technology Effects On Market
Strategic Target Market
- Revenue Deltas
- Big Ideas
- Centralized visibility and management
- The Problem
- The Solution
Benefit (Users need to be able to…) | User Experience |
Manage the security devices Centrally to the de-centralized environment. | Management of Security devices in a de-centralized environment, thus providing comprehensive visualization of the devices to be managed. |
Provide scalable deployment of devices to be monitored in the environment dynamically. | The user must have the ability to push agents, policies, and updates to the devices for enterprise management. |
Add dynamic attack signature updates from the web or Internet connection. | An auto update feature must pull updates from Internet or Internal server and have the ability to install manually or scheduled to remote devices. Must be secure. |
Ability to communicate through firewalls and network filtering devices. | There should be socket communication of the devices to the Central Management unit (s) for ease of deployment and management through network filters. |
Have level authentication for tiered management authority. | Set level of administration capability per template basis of Administrators, operators, and user accounts rights |
Management of the maintenance of the devices from the network communications | This allows the users to reboot, verify devices on the network, and comprehensive updates to the user transparently. |