Document

advertisement
SENTRY METRICS
the right solution at the right time.
1
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
PROBLEM: IN-SOURCE, OUT-SOURCE – EITHER WAY, YOU LOSE
Customers have 2 choices today
- Self Service for those who can: manage Security Operations themselves via on-premise or SaaS
- Managed Service for those who can’t: outsource to MSSP
Most Customers are in the middle
- Lack of mature procedures and best practice knowledgebase; dissatisfaction with existing service providers
- Capable of some operations; varied across disciplines; desire to manage in-house; inefficient performance
Attackers take advantage of the disconnects
- Managed Services were designed to be low-cost; attackers have evolved beyond these boundaries
- Poor visibility, meets-minimum service, and expertise atrophy with outsourced operations
Outsourcing can improve posture, performance, and productivity … but at what cost?
- Sacrificing in-house expertise and capabilities are now expensive trade-off’s for cost savings
- Losing competency means losing to attackers. There has to be a better way…
2
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
SOLUTION: TIME TO TURN LOSE-LOSE INTO WIN-WIN
Customer-centric solution required
- Deliver managed services to continuously improve posture, performance, and productivity
- Mature operations and develop client capabilities in parallel; transition back in-house = success
Design and Operate services with Planned In-Source Service Transition
- Build mature procedures and best practices into ITSM platform, including knowledgebase augmentation
- Support client development with appropriate instruction, demonstration, support, and planned transition
Close critical gaps that attackers prey upon
- Restore technology performance, institute proactive measures, and improve response procedures
- Raise visibility, continuous service improvement, and develop client *operations service* expertise
Outsource-to-Insource is an investment in continuous service and capability improvement
- Develop in-house expertise and capabilities in parallel with immediate and long-term cost savings
- ITSM is the right tool for this kind of effort, and theSentry brings ITSM to Security
3
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
SOLUTION: HOW TO START WINNING
Unified Technology and Services are key
-
theSentry – Award-winning ITSM Security and Compliance Management platform
Full-service MSSP with 24/7/365 SOC Operations and Advisory Services support
Extensive Knowledgebase and eLearning modules to support the right development at the right time
Focus on Operations competencies as much as product-specific technical expertise
theSentry Platform
-
4
The industry’s only true ITSM Security and Compliance Management solution
Supports best-in-class technologies, integrated solutions, automation, and client-specific flexibility
SaaS-Based platform that our SOC uses to continuously improve posture, performance & productivity
Extensive Knowledgebase and template library from years of managing Operations for our clients
Core shared-services for CMDB, workflow, knowledgebase, integrations, dashboards, and reporting
Discrete modules for Security Monitoring & Management (SIEM, IDP, Firewalls, Wireless, Web Security),
Vulnerability Management, Distributed Denial of Service (DDoS) Protection, and Compliance Management
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
MARKET OPPORTUNITY: BRIDGING THE GAP FROM MSSP TO SAAS
Multiple markets overlap this need
- MSSP: $3B/year; $4B expected by 2015 in North America alone
- IT-GRC: >$300MM/year; often used to fill security product gaps
- Security SaaS: high growth in VA, SIEM, Web Security, etc.
Disconnect creates opportunity
-
Existing MSSP clients do not have realistic transition path to SaaS
Self-Managed clients can opt-in to temporary Managed Service
ITSM Platform is a better fit that IT-GRC for Security Operations
On-premise technologies can be delivered directly via SaaS model
Client-Enablement strategy is differentiated
- MSSP industry driven by client lock-in and expansion; Sentry
disrupts client lock-in and enables transition to SaaS self-service
- ITSM Platform is best-fit for continuous service improvement
Proven Business Model
- ServiceNow (ITSM): transition to SaaS through client enablement
- Vigilant (MSSP): insource service transition; acquired by Deloitte
5
Leaders in Information Security, Compliance and Risk Management Solutions |
Modest penetration across these markets provides
significant short and long term revenue opportunity.
Managed Services become a funnel for planned
transition to self-service with Sentry SaaS attached.
Confidential
© 2013 Sentry Metrics Inc.
MARKET ATTACK PLAN:
- Already in-market; ~$6MM 2012 revenue in Canada
- On target for >40% growth in 2013
- Primary growth planned from expanding into U.S.
- Key investments in Sales, Marketing, and Engineering
- U.S. SOC necessary for scaling U.S. enterprise clients
- Time to revenue within 6 months, accounting for
sales/Channel ramp-up (already in-market)
- Time to profit within the first year
- Key beachhead customers key to Segment Attack
- Channel ecosystem key throughout phases
- Key tech alliance partnerships in place today:
- HP: ArcSight (SIEM); Tipping Point (IPS)
- Rapid7; Qualys (Vulnerability Management)
- Sourcefire (IDS/IPS)
- Akamai (DDoS Protection)
- We are Akamai’s first MSSP Channel Partner
Staggered cycle of MSSP market capture & transition to SaaS
6
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
PRODUCT: INTRODUCING THESENTRY
- Full ITIL-based, ITSM Security & Compliance Management
- Library of templates & use cases to enable immediate value
- Provides exceptional visibility and flexible customization
- Process workflows can be mapped, managed and audited
- Supports Security Operations and Compliance use cases
- Supports best-in-class Security technologies + automation
- Used by our SOC team to continuously improve productivity
- Includes CMDB/Asset Management, Ticketing/Problem
Management, Incident Management, Templates, Workflows,
Attestations, Dashboards, and Custom Reporting
theSentry establishes the knowledgebase, use cases, and
mature procedures needed to transition from MSSP to SaaS
7
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
PATH TO MARKET: UNDERSTANDING OUR BUSINESS
- Canadian business consists of direct and indirect sales
Sentry Metrics
- U.S. expansion leads with a Channel-based strategy
- Combination of national and vertical/regional VAR’s
- Advisory Services and Auditors are another key Channel
Regional
VAR
Advisory/
Audit
Advisory/
Audit
National
VAR
- Vendor supplier draw is key, with product gap and Managed
Services requirements fulfilled (as we do today in Canada)
Advisory/
VAR
- Service contracts signed directly with Sentry Metrics; billing and
payment through Channel partners in the near term
- Opportunity for White-Label Managed Services (as we do today in
Canada) and OEM SaaS with U.S. based Service Providers
- Early U.S. Channel Partner relationships in place today:
U.S. Private Sector Customers
8
- North American National VAR (30+ offices); Regional VAR; Security
Advisory/VAR; Application Advisory/Auditor; Global Security &
Compliance Advisory/Auditor
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
IT-GRC
COMPETITIVE EDGE
• Modulo
• RSA Archer
• Agiliance
- Current client disillusionment with large MSSPs
- Substandard service delivery, SLA-only service quality,
and lack of in-house expertise as a result
• Multiple Start Ups
• Alert Logic
• Trace Security
• Trustwave
• Several traditional MSSPs
- IT-GRC is often a stop-gap option with unused features
- Only Sentry Metrics uses ITSM fundamentals in Security
and Compliance offering as a Service Transition lever
• Symantec MSS
• Solutionary
• Verizon Business
• Dell SecureWorks
• Risk I/O
SAAS
• Qualys
ITSM
Security
Management
- Primary competitors are MSSPs in the U.S.
- Sentry Metrics aims to transition clients to self-service
- MSSPs want longest outsourcing contracts possible
MSSP
• ServiceNow
- IT-GRC vendors are selling 100% self service and do not have
Security Operations as a core competency
- ITSM vendors are not focused on Security & Compliance
- Opportunity to add Security ERP value to operations
• CA
• BMC
- Program and staff productivity focus for continuous improvement
• IBM
• HP
ITSM
9
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
FINANCIAL FORECAST
Addressable market
- $3B NA MSSP Market (11% CAGR); $300MM+ IT-GRC Market; Multiple Security direct-to-SaaS opportunities
Revenue Model
6 Months
Year 1
Year 2
Year 3
Year 4
Year 5
5M
14M
27M
35M
45M
59M
6 Months
Year 1
Year 2
Year 3
Year 4
Year 5
Net Profit
(100K)
.5M
5M
9M
14M
18M
EBITDA
(50K)
.9M
8M
15M
22M
28M
FCF
(72K)
.1M
7M
15M
22M
28M
Time to Profitability
Amounts in brackets denote negative amounts
10
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
INTRODUCING THE TEAM
Management Team
Dave Millier: CEO – ca.linkedin.com/pub/dave-millier-crisc/0/2b/5a
Recognized leader in security and networking, having operated several successful start-ups over the course of nearly 20 years. theSentry
platform was born from Dave’s experience serving customers and seeking continuous productivity improvement.
Steven Cohen: President – ca.linkedin.com/pub/steven-cohen/0/72/453
Co-founder of Strongbox Solutions and has provided trusted Security Advisory services to Fortune 1000 customers for 15 years. Steven leads
the Sales organization for Sentry Metrics.
Sheldon Malm: VP, Business Development - ca.linkedin.com/in/sheldonmalm
Led Security Operations at RBC Financial Group and has disrupted traditional Security industry approaches for more than 16 years. Previously
head of Strategy & Alliances at Rapid7 and head of Security R&D at nCircle Network Security (acquired by Tripwire)
CFO: Bryan Tollman - ca.linkedin.com/pub/bryan-tollman/16/b31/91a
Co-founder of Strongbox Solutions and an experienced CFO. Holds a doctorate in Corporate Strategy and an MBA in Corporate Strategy,
Finance and Marketing.
11
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
MILESTONES
Solid revenue performance with consistent growth in Canada
-
~$6MM in 2012 revenue; on pace for >40% growth in 2013. U.S. market offers accelerated revenue growth opportunity
Growth achieved with little investment in Sales or Marketing
theSentry platform in-market with positive client adoption
-
Third generation platform in production; Fourth generation in development
U.S. expansion strategy beginning to unfold
-
Early Channel partnerships in motion; interest from U.S. prospects in key verticals: retail; technology; healthcare; entertainment
Client Enablement/SaaS Transition strategy resonating with U.S. enterprise prospects – compelling alternative to traditional MSSPs
Important technology alliances established
-
HP ArcSight/Tipping Point (SIEM/IDP); Rapid7/Qualys (Vulnerability Mgmt.); Sourcefire (IDP); Akamai (DDoS) - first MSSP Channel Partner
Key investments planned to achieve our goals
12
Marketing: raise visibility, refine messaging/positioning, and drive lead generation from U.S. market
Sales/Sales Engineering: expand, support, and manage U.S. Channel
Engineering: accelerate platform development and eLearning modules in support of SaaS Transition and direct-to-SaaS activities
Security Operations: U.S. SOC location likely necessary to support enterprise customer requirements
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
SENTRY HIGHLIGHTS
Sentry Metrics provides the industry’s only viable solution to successfully, sustainably transition clients from
Managed Services to SaaS-based self-service for Security and Compliance
Strategy is perfectly aligned with market dynamics and customer demand
-
Customer dissatisfaction with MSSP lock-in has created demand for in-sourcing service options
Risk associated with Security Operations requires immediate improvement, coupled with planned transition
$3B/year, 11% CAGR North American MSSP market provides opportunity to disrupt from the inside
Adjacent IT-GRC, On-Premise Security, and SaaS Security markets provide additional client attraction
At-scale Canadian-based business is ripe for expansion to much larger market in the U.S.
Key technology partnerships in place and U.S. Channel strategy underway
Seasoned Management Team with deep Security expertise and successful market disruption experience
Combination of theSentry Platform, Managed Services, and Client Enablement are necessary and unique
- ITSM is the right framework for continuous service improvement; theSentry is the industry’s only ITSM Security Management platform
- Sentry Metrics’ position as an established MSSP enables disruption from inside the market; creates a funnel for SaaS self-service
- Willingness to drive MSS attrition is key to client enablement; incorporate desire for insourcing instead of fighting it
13
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
SENTRY METRICS
the right solution at the right time.
14
Leaders in Information Security, Compliance and Risk Management Solutions |
Confidential
© 2013 Sentry Metrics Inc.
Download