2011 South African Data Centre Green Excellence Award in Technology Innovation Cybernest

© 2011 Frost & Sullivan 1 “We Accelerate Growth”

2012 North American Managed Security Service Providers

Growth Leadership Award

2012

BEST PRACTICES RESEARCH

© 2012 Frost & Sullivan 1 “We Accelerate Growth”

Growth Leadership Award

Managed Security Service Providers

North America, 2012

Frost & Sullivan’s Global Research Platform

Frost & Sullivan is in its 50th year of business with a global research organization of 1,800

analysts and consultants who monitor more than 300 industries and 250,000 companies.

The company’s research philosophy originates with the CEO’s 360-Degree Perspective™,

which serves as the foundation of its TEAM Research™ methodology. This unique approach

enables us to determine how best-in-class companies worldwide manage growth,

innovation and leadership. Based on the findings of this Best Practices research, Frost &

Sullivan is proud to present the 2012 North American Growth Leadership Award in the

Managed Security Service Providers market to Trustwave.

Significance of the Growth Leadership Award

Key Industry Challenges Addressed

The managed security service provider (MSSP) market includes a variety of vendors that

offer a wide range of services. Today MSSPs are focused on offering both traditional and

emerging services that provide a better security posture for enterprises operating in all

types of environments. MSSPs are faced with the demand of offering security to not only

physical environments, but cloud and virtual environments as well. At the same time,

MSSPs must apply the same policies and controls to all environments through a single

central management platform.

The increasing complexity of dealing with intricate, evolving, and changing compliance

standards and regulations; increasingly advanced and targeted security threats; and the

ever-evolving security environment remains a challenge for many organizations. In addition,

evolving threats continue to strain the resources of most organizations’ IT and financial

business units. This comes at a time when most organizations are also under pressure to

cut costs and tighten budgets. Many organizations will turn to an MSSP to help alleviate

these pressures, seeking an MSSP that can protect their online and networked operations

and sensitive information from a wide variety of security threats in a cost-efficient manner.

To excel in revenue growth within this competitive market, Frost & Sullivan firmly believes

that vendors must continue to grow their breadth and depth of service offerings to meet the

increasing and ever-evolving demands of their diverse customer base.

BEST PRACTICES RESEARCH

© 2012 Frost & Sullivan 2 “We Accelerate Growth”

Best Practice Award Analysis for Trustwave

The Frost & Sullivan Award for Growth Leadership is presented to the company that has

demonstrated excellence in capturing the highest annual compound growth rate for the last

three years.

Trustwave’s Performance in Managed Security Service Providers market

Trustwave is a key player in the North America Managed Security Services Provider (MSSP)

market, as well as globally. Trustwave employs more than 1,000 employees, in 20

locations, across six continents. The organization provides managed security services (MSS)

to about 3,000 customers, including eight of the Fortune 10. Through its MSS operations,

Trustwave logs more than two billion security and compliance events each day. In addition,

Frost & Sullivan estimates that more than 150,000 managed compliance customers use

Trustwave’s vulnerability scanning services, and Trustwave manages and/or monitors nearly

130,000 devices daily.

Trustwave’s comprehensive portfolio consists of compliance services as well as Web

application, network, email, and data security solutions that can be fully managed through

Trustwave's worldwide Security Operations Centers (SOCs) or provided as on-premises or

cloud solutions. The company reported 148 percent growth in MSS from the first half in

2011 to the first half of 2012. Trustwave continues to build on its long-standing strength in

PCI compliance and security services, and has also expanded its offerings to include broader

risk management services.

Key Performance Drivers for Trustwave

Factor 1: Expanding Growth in the MSSP market

Not only is Trustwave known as a leading MSSP, it is also a top player in compliance and

information security technology and services. Its strength in the IT compliance business

has enabled the company to expand its presence in the MSSP market. Trustwave attributes

its growth to several factors, which include the:

• Expansion of PCI compliance program services

• Addition of its TrustKeeper® cloud portal for consolidated access to its services

• Continued product innovation and acquisition of new customers and technologies

• Expansion of MSS beyond basic “perimeter" services to higher-value services

Trustwave’s TrustKeeper cloud service enables customers to expand an existing PCI

compliance footprint, and add additional cloud and managed services for compliance and

security beyond PCI, managed from a single vantage point. With more than 2 million

BEST PRACTICES RESEARCH

© 2012 Frost & Sullivan 3 “We Accelerate Growth”

merchants subscribed to Trustwave's cloud compliance services, and the increasing demand

for its cloud-based compliance and security services, Trustwave has a unique perspective of

the MSSP market. Frost & Sullivan’s analysis reveals that Trustwave differentiates itself by

simplifying its services through its consolidated portal.

Furthermore, Trustwave has been successful in offering new and enhanced services, as well

as developing new technologies through a number of vendor acquisitions. Trustwave has

uniquely acquired and integrated software and hardware based technologies into cloud and

hybrid-managed services, which are then easily assembled and managed through

Trustwave’s TrustKeeper cloud portal. Overall, Trustwave’s ability to acquire and develop

new technologies and services has enabled the company to become a top player in the

MSSP market.

Factor 2: Broadening Trustwave’s Portfolio

Trustwave has broadened its security services portfolio by way of numerous acquisitions,

most recently its 2012 acquisition of M86 Security, which has enabled the addition of

managed Web security to Trustwave’s portfolio. A series of acquisitions and innovation over

the past several years has helped Trustwave add services beyond simple firewall

capabilities, and affords the company the opportunity to develop and extend services to

address the growing demand for emerging technologies such as Web application firewalls

(WAF) and security information event management (SIEM). Trustwave has also been

successful in developing acquired technologies into unique, new Managed Security Services.

While these technologies were previously available as only software and customer self-

managed appliances, Trustwave has made them available as managed offerings designed

for customers that might not have time or resources to deploy and maintain these higher-

value solutions themselves.

While Trustwave offers classic managed security services, such as firewalls, intrusion

detection and intrusion prevention (IDS and IPS), it has made a concerted effort to go

beyond offering these services and it supports its customers with a 'holistic integrated

security strategy’ to maintain a strong security posture. As such, in 2012, Trustwave

released new and enhanced managed WAF and managed SIEM solutions, both of which add

to an existing portfolio of managed encryption, network access control (NAC), vulnerability

scanning, IDS and IPS, and unified threat management (UTM) services. These advanced

services move beyond traditional or perimeter services, providing the ability to manage

critical security controls for the internals of the network while offering additional layers of

threat protection.

Trustwave’s WAF service offers continuous real-time protection and data loss protection for

applications, working in conjunction with Trustwave’s SIEM technology. WAF events are

directed to Trustwave SOCs where experts use SIEM technology to correlate and analyze a

series of events. Events are reported and archived, and customers are alerted to events

requiring attention. With Trustwave's hybrid-managed SIEM appliance, customers can

BEST PRACTICES RESEARCH

© 2012 Frost & Sullivan 4 “We Accelerate Growth”

identify and mitigate security threats more easily.

Factor 3: Trustwave Threat Intelligence

Trustwave’s Threat Intelligence and Security Research team—called Trustwave SpiderLabs—

has been a key component in its managed security services growth strategy. SpiderLabs is

well known globally for its threat intelligence, expertise, in application security, incident

response, penetration testing, anti-malware, and security research. It offers clients

advanced information security expertise, which is integrated into its unified security

solutions and managed security services.

Trustwave has initiated nearly 2,000 computer incident response and forensic investigations

globally, and over 16,000 penetration and application security tests for clients. In the 2013

global security report, Trustwave revealed the top security vulnerabilities and threats that

organizations around the globe must be prepared for, along with actionable advice for

organizations to secure their businesses against these threats. The key discoveries and

trends are gleaned from the forensic investigation of more than 450 Web-based data

breaches and 2,500 penetration tests, plus extensive analysis of zero-day threats, nine

million Web attacks, five million malicious Web sites, two million threat and vulnerability

scans, and three million real-world passwords used within corporate information systems in

2012. The annual report provides customers educational reporting and valuable insight into

ongoing security issues and trends.

In 2012, Trustwave announced the SpiderLabs Threat Intelligence Program, which provides

organizations with the latest research, insight, and analysis. The program offers

organizations the intelligence required to maintain a deep level of visibility and awareness

into the security threat landscape. This offering, coupled with SpiderLabs Incident Response

Readiness service, equips organizations with the ability to effectively identify and remediate

security issues in their environments. Trustwave's portfolio of managed security solutions

provide integrated security controls that contribute to effective remediation efforts.

Conclusion

In conclusion, the MSSP market continues to evolve and grow as a greater number of

businesses become more accepting of outsourcing security services. Although the market

remains competitive, MSSPs are showing signs of strong growth as they expound upon their

portfolio of services. Trustwave has exhibited phenomenal growth in the MSSP market,

largely attributed to strong PCI compliance services and the breadth of service offerings for

a variety of compliance and security needs beyond PCI. In recognition of Trustwave’s

impressive growth in the MSSP market, Frost & Sullivan recognizes Trustwave with the 2012

North American Growth Leadership Award.

BEST PRACTICES RESEARCH

© 2012 Frost & Sullivan 5 “We Accelerate Growth”

The CEO360-Degree PerspectiveTM

- Visionary Platform for Growth

Strategies

The CEO 360-Degree Perspective™ model provides a clear illustration of the complex

business universe in which CEOs and their management teams live today. It represents

the foundation of Frost & Sullivan's global research organization and provides the basis on

which companies can gain a visionary and strategic understanding of the market. The CEO

360-Degree Perspective™ is also a “must-have” requirement for the identification and

analysis of best-practice performance by industry leaders.

The CEO 360-Degree Perspective™ model enables our clients to gain a comprehensive,

action-oriented understanding of market evolution and its implications for their companies’

growth strategies. As illustrated in Chart1 below, the following six-step process outlines

how our researchers and consultants embed the CEO 360-Degree Perspective™ into their

analyses and recommendations.

Chart1: The CEO's 360-Degree Perspective™ Model

BEST PRACTICES RESEARCH

© 2012 Frost & Sullivan 6 “We Accelerate Growth”

Critical Importance of TEAM Research

Frost & Sullivan’s TEAM Research methodology represents the analytical rigor of our

research process. It offers a 360-degree view of industry challenges, trends, and issues by

integrating all seven of Frost & Sullivan's research methodologies. Our experience has

shown over the years that companies too often make important growth decisions based on

a narrow understanding of their environment, leading to errors of both omission and

commission. Frost & Sullivan contends that successful growth strategies are founded on a

thorough understanding of market, technical, economic, financial, customer, best

practices, and demographic analyses. In that vein, the letters T, E, A and M reflect our

core technical, economic, applied (financial and best practices) and market analyses. The

integration of these research disciplines into the TEAM Research methodology provides an

evaluation platform for benchmarking industry players and for creating high-potential

growth strategies for our clients.

Chart2: Benchmarking Performance with TEAM Research

About Frost & Sullivan

Frost & Sullivan, the Growth Partnership Company, enables clients to accelerate growth

and achieve best-in-class positions in growth, innovation and leadership. The company's

Growth Partnership Service provides the CEO and the CEO's Growth Team with disciplined

research and best-practice models to drive the generation, evaluation and implementation

of powerful growth strategies. Frost & Sullivan leverages 50 years of experience in

partnering with Global 1000 companies, emerging businesses and the investment

community from more than 40 offices on six continents. To join our Growth Partnership,

please visit http://www.frost.com.