Cyber Economics Validating DDoS Managed Service Delivery Models

The DQWeek (Delhi) - CHANNEL BONANZA

One of the disappointing but undeniable realities of today's Internet age is that multi-vector distributed denial-of-service (DDoS) cyber-attacks are growing exponentially year-over-year. Moreover, DDoS threat vectors are also increasing in sophistication, leaving many enterprises unable to defend themselves. These two factors mean that defending against DDoS attacks not only requires scale and powerful tools, but also mandates the implementation of a flexible DDoS portfolio that can readily adapt and even predictably mitigate the majority of future DDoS threats.

As a result, enterprises are now increasingly entrusting vendors and communications service providers (CSPs) with the responsibility of protecting their networks from DDoS attacks, through the adoption of a DDoS managed services model. Consequently, the market for DDoS managed services represents a strong market opportunity for CSPs that can implement and deliver hosted DDoS services to enterprises of all sizes.

However, the scope and market requirements for DDoS services are still evolving and quite fluid, even with respect to managed services pricing models. A detailed overview of a comprehensive model designed to quantify the financial and business case fundamentals of DDoS managed services and applications is shared below.

DDoS MODEL OVERVIEW

Because DDoS managed services are still being shaped by market forces, the model was created with a philosophy of affording the requisite levels of flexibility: the base model needed a bottom-up design that could support a broad range of sizing, enterprise types and pricing model attributes.

Therefore, a model was built using a traditional, bottom-up approach that incorporates specific estimates for the capital expenditure (capex), operational expenditure (opex) and other expenses, such as general sales and admin/marketing. The model also forecasts revenues for a number of DDoS service scenarios, incorporating pricing structures based on market pricing, DDoS service scope and related data usage and consumption profiles.

DDoS Managed Service Scenarios

DDoS managed services cannot be delivered to enterprises using a "one size fits all" model, because enterprises differ on a number of levels – the most notable being size. For example, in most telecom markets, enterprises are broken into three sizes – small (1-50 employees), medium (50-250 employees) and large (more than 250 employees). In turn, this translates into enterprises that face a broad range of threat vectors, based on earnings potential and data sensitivity. As a result, enterprises require DDoS managed services that can address their vulnerabilities at affordable price points. While there are no definitive, agreed-upon industry benchmarks on the scope and capabilities of DDoS managed services, there are two representative scenarios: the "On-Demand" and "Always-On" scenarios.

DDoS On-Demand Service Scenario

The DDoS On-Demand service scenario is a fully functional solution that delivers a strong measure of DDoS protection. It is designed as a baseline service, using a model in which selected data streams are monitored out of path – rather than monitoring every data flow in real time, which is the essence of an Always-On model.

To model the On-Demand scenario, the methodology involves estimating the capex necessary to initially launch the service, as well as the additional infrastructure capex in a five-year window to support service growth. Then the opex is calculated, which includes salaries of monitoring and operational staff (e.g., the staff of a security operations center), as well as additional "other" overhead costs related to selling the services in a five-year window.

These overhead expenses – traditionally referred to as selling, general and administrative (SGA) expenses – are broken out separately to provide clarity on production-related vs. non-production-related expense structures. For example, SGA expenses also include the marketing costs associated with launching an On-Demand service.

Model Output

Using the approach described above, capex, opex and SGA expenses and offsetting revenue were calculated, assuming a five-year ramp to achieve a 10 percent penetration of addressable market revenues by Year 5, based on number of enterprises, size, and DDoS-related bandwidth consumption.

The results of this model, shown in Figure 1, reveal that considerable revenues can be achieved by supporting this service scenario. For example, while over this five-year period the investment (capex and opex, but not SGA expenses) adds up to $40.1 million, the offsetting revenue stream generates $459.3 million.

Financial Summary

The modeling of this scenario confirms that even a baseline solution such as an On-Demand scenario delivers very strong financial metrics, as witnessed by the ability to cover capex in Year 1 and generate a strong return of $317.5 million of net cash in a five-year window.

DDoS Always-On Service Scenario

In creating the Always-On DDoS service scenario, the goal is to capture the services and protection levels that primarily medium and large enterprises require – particularly enterprises with valuable intellectual property, financial records or sensitive personal/health records.

Model Output

As in the first DDoS scenario, capex, opex and SGA expenses and offsetting revenue were calculated, assuming a five-year ramp to achieve a 10 percent penetration of addressable market revenues by Year 5, based on number of enterprises, size, and DDoS-related bandwidth consumption. The results of this model, shown in Figure 2, reveal that considerable revenues can be achieved by supporting this service scenario.

Financial Summary

The modeling of this scenario confirms that the Always-On service scenario delivers very strong financial metrics – even stronger than the On-Demand scenario – as witnessed by the ability to cover capex in Year 1 and generate substantial net cash of $348.6 million in a five-year window.

In Summary:

The rapid growth and complexity of DDoS attacks, coupled with cloud adoption, are fundamentally changing both security reference architectures and security service delivery models. While the industry, in general, is still responding on both fronts, it is believed that the key to success will be to leverage the inherent scale, service agility and programmability traits of the cloud, and apply them to protect the interests of enterprise customers.

As a result, enterprises are increasingly interested in and receptive to the adoption of a managed DDoS service purchased from their CSP of choice. In turn, this is spurring progressive CSPs to expand their security services to include cloud-hosted DDoS solutions that meet the user demands of enterprises of all sizes.

This appendix provides detailed supplementary information, using conservative and realistically achievable assumptions for commercial implementations.

Capex Estimates: Based on market sizing data provided below, a realistic net capex was derived based on list price, subject to a typically applicable 40 percent discount.

Below is the list of net capex by year. The initial capex for service launch and additional capex for expansion in later years are both shown. The Always-On scenario evidently requires greater capital in the outer years, as data volumes start to scale.

Opex Estimates: In order to fully estimate opex, expenses were broken into two categories: salaries and software maintenance-related.

Salary-Related Opex Estimates: To approximate salary expenses in both scenarios, a "fully loaded" salary of $150,000 per employee per year was considered for a base of 40 employees. The number of employees was derived by informal discussions with other CSP employees. The results are shown below:

Software Maintenance Opex Estimates: The costs associated with the annual licensing of software maintenance, operational tools and dashboards were estimated based on actual commercial prices with any applicable discount applied. As shown in Figure 5, the net opex in both scenarios was relatively similar.

These baseline assumptions were then applied to the two scenarios. For example, the On-Demand scenario is ideally priced and sized for small and medium enterprises, and the Always-On scenario suited to medium and large enterprises. This means the addressable markets are different.

Moreover, as shown in Figure 7, pricing structures are very different. The Always-On scenario is a premium service, consumes much greater bandwidth & monitoring resources, and comes at a considerably higher price. The monthly pricing charges for both scenarios were estimated from informal discussions with CSPs that provided such services. These prices are representative of the pricing supported by markets.

A small ongoing discount year-over-year was also included (typically 1 to 5 percent per year) to reflect loyalty promotions. The resulting revenues calculated using this methodology are shown in the Revenue lines in Figures 1 and 2.
