South African information technology company Faritec on Thursday launched a new R8-million Security Operations Centre to protect South African companies’ business assets from hackers, viruses, worms, denial of service attacks and other threats.
The company said that the service monitors for immediate incidents and patterns as they happen around the world. Located in Faritec’s Johannesburg headquarters, the centre features bunker-style construction with multiple layers of security.
Authorised security specialists gain entry to areas of the centre through tiered levels of access, including biometric iris scanning, key-cards and constant video surveillance.
The system is designed to minimise potential downtime, the centre provides numerous back-up capabilities for physical infrastructure, including fire suppression systems, Internet connectivity as well as independent heating, ventilation and air conditioning systems. The centre also features a back-up generator with capacity to power the entire centre in case of power outages.
Speaking at the launch of the centre, divisional manager at BMI-T Roy Blume, estimated that 80% of all South African companies experienced security breaches during the last year and that the probable cost to the economy of these breaches was over R1-billion.
Faritec’s three shifts of security specialists are protecting, to date, 14 South African companies ranging from large JSE listed companies to mid-size enterprises.
The company is expecting its security offering to deliver revenue of R25-million within the first year and aims to have a revenue stream of approximately R170-million by 2006.
Faritec estimates that a typical client with 10 servers and 1 000 PCs behind one firewall and intrusion detection system could generate up to 20 million security alerts in one month. Of these, approximately 500 to 600 would require analysis, 50 would require intervention and only five might pose a serious business risk.
“We can offer South African clients a greater degree of security than they could ever do on their own,” head of security services at Faritec Gordon Love said.
“Most companies simply do not have the resources, technology and information to gather and analyse such vast amounts of security data.”
The company added that hacking — unauthorised break-ins on computers and networks — is increasing dramatically with 10-15 new threats discovered by Faritec every day.
“There are over 35 000 websites where anyone, anywhere — as long as they have internet access — can download a variety of hacking tools. This has led to an increase in attacks as perpetrators need significantly less knowledge and time to launch their attacks,” Love added.
Blume said that in 2003, for the first time ever, BMI-T’s annual corporate IT end-user survey ranked security as the number one concern of South African CIO’s.
“We believe that this is due to a number of high profile security breaches, the recent introduction of legislation — such as the King II Report — and the increasing number of business processes dependent on network based applications,” he noted.
BMI-T expects the total South African IT security market to grow to nearly R2-billion by 2007.
Companies are increasingly looking for external assistance to gain a clear understanding of their risk profile and ensure they have the appropriate strategies to address those risks.
As a result, the highest growth levels of the market, according to Blume, will be experienced by managed security services such as Faritec’s.
“A large percentage of South African companies have made significant investments in security technologies, but few have successfully implemented and managed these deployments,” Love said.
“A managed security service allows companies to maximise their existing investment in security technologies, enhance their security posture and focus on their core business activities,” he added.
“An intruder in your house will normally leave a trail of broken glass and forced locks, but internet-intruders can be in and out with a company’s valuable data without anyone noticing,” said Michael. “It is our job to work out what is happening and do something about it before they become a threat to our clients,” he concluded. – I-Net Bridge