Tag Archives: Security Convergence

IHS Research Note: ‘PSIM software continues to see strong growth despite increased competition’

In the latest Research Note from IHS, senior analyst Paul Bremner discusses the Physical Security Information Management (PSIM) software market.

A new report from IHS reveals that the world market for PSIM (Physical Security Information Management) software is estimated to have been worth $160.3 million in 2013.

While being a small segment of the larger security and fire market, the PSIM market continues to enjoy 20% and higher growth rates, and will do so until at least 2018. This growth is being driven in part by end users deploying PSIM software platforms as a tool to enforce compliance of both internal policies and external legislative requirements.

Despite these growth rates, confusion surrounding what constitutes PSIM software remains. Competing products such as command and control platforms, advanced video management software and security integration platforms have muddied the water as their capabilities and functionality have expanded into what was once considered PSIM’s territory of situational awareness and situation management.

Connectivity and integration aspect eroded

In previous years, one of the key selling points for PSIM platforms was their ability to connect and integrate multiple disparate systems, both security and non-security. It is this connectivity and integration aspect to PSIM which has been eroded over the past two years, with many other products being able to offer various integrations to expand their software’s reach.

PSIM software has thus had to shift its USP away from this integration aspect. Customers that are buying PSIM now are really coming with a top-down view, with a need to improve their security operations in a cost-effective, operationally efficient way while improving the overall security of the environment in which they are working. This is where the PSIM value proposition lies.

That said, the market has grown in line with expectations from the previous edition of the report, with the market being $7.5 million larger in 2013 than previously expected.

However, longer-term growth will be muted compared with previous expectations. The market’s long-term growth is limited by competing products successfully being deployed in the mid-tier, a market that has historically been out of reach for the high-end PSIM software platforms due to their high price tag.

Leave a comment

Filed under IFSECGlobal.com News

Global security chiefs deliver plan for developing ‘state-of-the-art’ management teams

The Security for Business Innovation Council (SBIC) argues that information security needs to become a cross-organisational function with security functions embedded into business processes and security teams working closely alongside business units on information risk management and cyber threat mitigation.

A new research report released by RSA (The Security Division of EMC (NYSE:EMC) and put together by the Security for Business Innovation Council (SBIC) reveals the composition of a forward leaning security program – starting with building a next generation information security team focused on the lifecycle management of cyber risks in today’s global enterprises.

The last 18 months have seen big changes in the overall requirements for success for information security teams. This has been set against the backdrop of a hyper-connected business environment, an evolving threat landscape, new technology adoption and regulatory scrutiny.

In response to this ever-changing environment, essential activities (and the responsibilities) of enterprise information security teams are very much in transition.

Accountability for IT security within organisations must be shared with business managers and executives to encourage ownership of cyber risk as an overall part of business risk

Accountability for IT security within organisations must be shared with business managers and executives to encourage ownership of cyber risk as an overall part of business risk

Transforming information security: designing tomorrow’s team

Entitled: ‘Transforming Information Security: Designing a State-of-the Art Extended Team’, the new report argues that information security teams must evolve to encompass skill sets not typically seen in security, such as business risk management, law, marketing, mathematics and purchasing.

The information security discipline must also embrace a joint accountability model in which responsibility for securing information assets is shared with the organisation’s line of business managers and executives who are beginning to understand that it’s they who ultimately own their own cyber risks as a part of business risk.

Many of the advanced technical and business-centric skills needed for security teams to fulfill their expanded responsibilities are in short supply and will require new strategies for cultivating and educating talent, as well as leveraging the specialised expertise of outside service providers.

To help organisations build a state-of-the-art extended security team, the SBIC has drafted a set of seven recommendations:

Redefine and strengthen core competencies: Focus the core team on increasing proficiencies in four main areas, namely cyber risk intelligence and security data analytics, security data management, risk consultancy and controls design and assurance.

Delegate routine operations: Allocate repeatable, well-established security processes to IT, business units and/or external service providers.

Borrow or rent experts: For particular specialisations, augment the core team with experts from within and outside of the organisation.

Lead risk owners in risk management: Partner with the business in managing cyber security risks and co-ordinate a consistent approach. Make it easy for the business and hold them accountable.

Hire process optimisation specialists: Have people on the team with experience and certifications in quality, project or program management, process optimisation and service delivery.

Build key relationships: Develop trust and influence with key players such as owners of the ‘Crown Jewels’, middle management and outsourced service providers.

Think outside-of-the-box for future talent: Given the lack of readily available expertise, developing talent is the only true long-term solution for most organisations. Valuable backgrounds can include software development, business analysis, financial management, military intelligence, law, data privacy, data science and complex statistical analysis.

Speaking about the new report, Art Coviello (executive vice-president, EMC, executive chairman, RSA, The Security Division of EMC) said: “For this transformation to be successful, security must be seen as a shared responsibility that requires active partnerships to manage the inherent risks to the business in the ever-evolving threat landscape. It’s imperative that organisations are able to develop a security team with the right expertise needed to get the job done.”

Bob Rodger, group head of infrastructure security at HSBC Holdings plc, added: “The core security team’s expertise should be primarily focused on delivering consulting, providing direction, driving strategy, identifying and explaining risks to the business, understanding threats and moving the organisation forward. It should not be encumbered by the day-to-day routine operational activities.”

About the Security for Business Innovation Council

The Security for Business Innovation Council is a group of top security leaders from Global 1000 enterprises committed to advancing information security worldwide by sharing their diverse professional experiences and insights.

The Council produces periodic reports exploring information security’s central role in enabling business innovation.

Contributors to this latest report include 18 security leaders from some of the largest global enterprises, including ABN Amro, ADP Inc, Airtel, AstraZeneca, Coca-Cola, EMC Corp, FedEx Corp, Fidelity Investments, HDFC Bank Ltd, HSBC Holdings plc, Intel, Johnson & Johnson, JP Morgan Chase, Nokia, SAP AG, TELUS, T-Mobile USA and Walmart.

Additional information
• Download the Security for Business Innovation Council Report
• Download an infographic that highlights how to transition from a conventional security team to a next generation security team
• Download the SBIC Report’s Executive Summary
• Download a chart from the report outlining ‘Who does what?’ on a next generation security team
• RSA blog: Does Your Security Team Have What It Takes? (by Laura Robinson, chairman, SBIC)

Leave a comment

Filed under IFSECGlobal.com News