2017 글로벌 정보보호 산업시장 동향 조사 · - symantec, mcafee, check point, emc,...
TRANSCRIPT
-
2017 The Research on Global Security Market Trends
: ()
2017. 11.
KISA-2017-0036
-
2017
.
2017 11 30
:()
: / ()
: ()
()
()
()
()
KISA: ()
()
()
KISA : ( )
( )
( )
( )
-
- i -
1.
, , , IT
o (IoT) IoT /
(surface attack)
o
ICT
o CIO 2017
EU CIO IT
: Morgan Stanley(2017.1)
-
- ii -
5 12.9%
o IT Technavio ,
2016 1,003 6 5 12.9% 2021
1,839 6
( : )
: Technavio(2017.9)
Memoori Business Intelligence
, (Surveillance)
2016 284 4,000
o Memoori 2015 4.5% ,
5 8.2% ,
5 5.6% 2021 374 3,000
-
- iii -
1) ( : )
: Memoori Business Intelligence, The Physical Security Business 2016 to 2021(2016.4Q)
2.
o
o
5 , 30
(5) - , , , ,
(8) - , , , , , , ,
(5) - , , , ,
(6) - , UAE, , , ,
(6) - , , , , ,
1)
-
- iv -
3.
o 1 , 2 ,
3 3
- 1 , ,
- 2 30
- 3
30
II
1.
1)
o () ITU (GCI) 2
, ,
-
-
, ,
o ( ) 1/3
,
- (DoD), (DHS)
- (TIA)
, '17 635
- ,
-
- v -
- Barnes & Co. ,
, 2017 188 8,690
o ( ) ,
- Symantec, McAfee, Check Point, EMC, Fortinet, HP Security, Cisco, Trend Micro,
Palo Alto Networks, Blue Coat Systems, Check Point Technology, Kaspersky Lab
- Barclays CIO Palo Alto Networks Fortinet
Cisco, Check Point Juniper
- 2
, ADT Security Service, Ingram Micro, A1
Security Cameras
o ( )
- Upwork, IT
2(1 ) .
13 10 5 (17.12)
- AWS, GuardDuty , . AWS
AWS
(17.11)
- Oracle '17 10 Larry Ellison Oracle
IT .
Oracle Management Cloud ,
(17.10)
- MS '14 Hexadite 1
. Hexadite 35
, (17.05)
- RSA 2017 Fortinet, McAfee, Palo
Alto Networks, Symantec (Cyber Threat Alliance,
CTA) (17.02)
- IBM, (AI)
Watson for Cyber Security (17.02)
-
- vi -
o ()
M&A,
2)
o () 2017 GCI 11
, 2020
,
o ( ) 2020
,
'13
- '16 4,704 , /, IP
,
(, '17.2) - '16 4.0% 9,327
9,000 ((JNSA), 17.6)
o ( ) IP
, Trend Micro Symantec, McAfee
3 90%
- Fujitsu, Hitachi, Mitsubishi, NEC, Oki, Panasonic, Toshiba, Sony
- Trend Micro, Symantec, McAfee
o ( )
- , , , ,
1/2, 1/2
- '16 ,
'20
- ,
- ,
-
- vii -
o () , SI ,
2
3)
o () (IRA)
o ( )
- '16 49 9,400 , '17 52 3,500
( , '16)
- '15 11 '16 3
, CCTV
o ( )
4
- , ICT ,
HW/SW , VAR(value-added reseller)
-
- HD CCTV,
,
,
o ( )
- (Infrastructure)
4%
1,700 ('17.8)
- ,
(Cyber health check) ('17.8)
- , (Supply chain)
8 (17.8)
-
- viii -
o () , , ,
R&D
4)
o () '15 11 '16 3
o ( ) '13 2020 5%
(, 15.11)
- '15 IS
- '10
'16 45% '15 11% ( , 16.10)
- '16 10% (PAC, '16.9)
o ( ) 4,500~10,000
,
- 4,500 470~600,
3,900~4,000
- Securitas AB
Securitas France 15% ,
Groupe Seris
o ( )
- Thales, Gemalto .
'17 Thales
Gemalto ,
('17.12)
- , Cybermalveillance.gouv.fr .
,
2019 250 ('17.5)
o () , ,
-
- ix -
5)
o () 2017 GCI 24
o ( ) '11-'15 9.5% , '15~'20 ICT
- 2015 32.9% 2020 323 6
(MarketLine, 15.11)
- 2008 20 IT 2015 37
6% (Statista, 16)
o ( ) ,
(Reseller)
- AV-TEST
Avira, Giesecke & Devrinet
- , , , Cisco,
IBM, Symantec, Northrop Grumman, Check Point, Trend Micro
- Bosch, MOBOTIX, Honeywell Sanyo
Panasonic
o ( )
- '18 5 GDPR ,
(DPO) ('17.7)
- ,
('16.7)
o () 4.0
R&D
2.
1)
o () , ,
,
-
- x -
o ( ) 3 20% ,
10%
- '16 20.9% 495 8,000
( ()), 17.8) - , , ,
, 2014 60%
- '16 5,400 11%
, GDP 7%((CPS), 17.1) - , ,
o ( )
- , Venustech
5.5% (CCID Consulting, '15)
-
(UBS, '16.11)
- CCTV Hikvision() Dahua Technology() '15 1, 2 (Morgan
Stanley, '17.7)
o ( )
- , .
CCTV
(17.07)
- ,
,
.
, ,
,
(17.07)
- '16 11 () (
-
- xi -
) '17 6 1 . 7 29
,
(17.06)
- , (17.05)
- '14 10 (16.11)
o ()
, ,
,
2)
o () ,
o ( ) ,
- '16 111 (SDI, 15.8), 17
12% 15 '18 17
(Gartner, 17.8)
- '16 54 4,200 , '18 63 5,100
(Barnes Reports, 17.1)
o ( )
,
- Honeywell Bosch Security India
OEM
- (organized) 700 ,
(unorganized) 1,500
o ( )
- '09
(Aadhaar) .
Aadhaar
'17 3 11
- Arun Jaitley '17 6
-
- xii -
(17.8)
- ,
(17.8)
o () /
,
3)
o () Trend Micro ,
, 2017 GCI 70
o ( ) IDC '14
4 1,790 , 3 ,
7 1,770
- / '14 7,600
, '20 31% 2 9,400
(Frost & Sullivan, '16)
- '15 12 7,000
, 12 10% (Barnes Reports, 15)
o ( ) IT IT
,
- IT EMC, HP, Cisco, VMware, Redhat, Radware,
Sophos, WildPackets, RUCKUS
- Check Point, Trend Micro, Fortinet, ARUBA Networks,
McAfee, HP Security
- ,
AvTech, Axis Communications, Bosch Security Systems,
Dahua, Hikvision, Hanwha( Samsung) Techwin, Honeywell, Mobotix,
Panasonic, Pelco by Schneider, VIvotek
o ( )
- ID-SIRTII/CC, Indonesia Cyber Security Report 2017 '16 9 50% 1 3,567
('17)
-
- xiii -
- , 10
200 ('17.5)
o () , ,
, ()
4)
o () MS , '16
, Kaspersky Lab, Symantec
10
o ( ) 10%
- '16 (Secutech VIetnam) 15%
- '16~'22 12.4%
(6Wresearch, '16)
- 15% '16 6,750
(MIC, 14)
o ( ) Symantec,
IBM, McAfee, Cisco 4
, BKAV
- '13 600
Kaspersky Lab(47.6%)
, BKAV(32.%), Symantec(14.7%), McAfee(13.3%) (MIC, '13)
- SW BKAV SW
5 , 1,000
o ( )
- 5,300 BullGuard
. Bao Tin Technology, 1+1 6
('17.7)
- , .
-
- xiv -
('17.6)
- VNPT
Novicom MOU ('17.4)
o ()
5)
o ()
,
o ( )
,
- 5
(IDC, 16)
- 10% 400
,
(Robert Bosch SEA)
o ( )
,
SI
- CambodiaSoft '05 IT , , ,
, ,
- '14 40, CCTV
30 (KOTRA, '14)
o ( )
- '18
(Pub Street) CCTV 30 ('17.7)
- , 6 .
'17 2 20 3 3 , , , ,
(JICA)
-
- xv -
('17.3)
o () , , , .
, ODA, EDCF
6)
o () (Allianz Global) 2
(Bangkokpost, '16.6)
o ( ) ,
- '17 37 ( 1 1 )
, '18 10~12% (MarketsandMarkets)
- CCTV '13~'17 21.5%
,
(RNCOS)
o ( ) Trend Micro, McAfee, Check Point, Symantec, Sophos,
Kaspersky
-
,
o ( )
- Tobias Feakin ,
(17.6)
- Thailand 4.0 (16.5)
o ()
7)
o ()
-
- xvi -
ITU 2017 GCI 1
o ( )
- '20 9 ( 6 )
(PwC, '16.12)
- 200
, , ,
o ( ) ,
- McAfee,
Kaspersky Lab, Websense, Trend Micro, Norman
- 200 , ,
o ( )
- (NUS), Kaspersky Lab
(R&D) (APT)
('17.10)
- (CSA) 11 (CII)
('17.7)
- (SAF)
24
(Defence Cyber Organisation, DCO) ('17.3)
o ()
, , SK,
NSHC
8)
o () ITU 2017
GCI 3
o ( )
IT
-
- xvii -
- '16 2 4,290 5
21.1% 21 6 3,260 (IDC, '17.8)
- (Managed Security Service) 16 7,320
21 2 2,390 25.1%
o ( ) Kaspersky Lab, Symantec, Websense, Trend
Micro, Panda Security ,
- Kaspersky Lab Panda Security
- Websense, ClearSwift, Consentry Networks
, , ,
,
o ( )
- CREST(Council of Registered Ethical Security
Testers) PPKS(Association of Cyber Security Testers for Kuala
Lumpur, Selangor and Putrajaya) MOU ('17.7)
- (MDEC) PGI(Protection Group International)
. PGI
, , ,
GCHQ ('16.12)
o () ,
.
3.
1)
o () 2
-
- xviii -
o ( ) ,
- '16 1,103, 73,000
( (National Council of Private Security), '17)
- 31.6 GDP 1.2%
(IHS Markit, '16)
o ( )
- ESET, AlienVault, Kaspersky Lab
Trend Micro
-
LockState, Rocky Mountain
o ( )
- '17 3, 6.07%
,
Win32/Fuery(Microsoft, 17.8)
o () ICT ,
,
2)
o () ,
o ( ) ,
- , IT , , GDP
'17 1,700
- '16 CCTV 1,718 ,
1.05%
-
- xix -
o ( )
- , Akamai, IBM, HP
SOC , Deloitte
- Cristhian Fernando Carballo Sanchez, Grupo MR Dos Seguridad S.A, Kruma
Consultores RD S.A
o ( )
- ' 2014-2018' '
2015-2021' (, 17.10)
- , , 3
'17
(, 17.7)
o ()
.
3)
o () 1964
o ( )
- 1964 52 CCTV
- The Safety and Security Resource Guide(13)
4~5%
- , , , , ,
o ( ) , ,
, , ,
- '16 , , 3,500-3,600
-
- xx -
- Microsoft ,
2 CyberArk
o ( )
- '16 (FARC) FARC ('17.6)
-
,
o () ,
AS , (SI)
4)
o ()
,
,
o ( ) ,
,
- '14 2 5,000 ,
15% '16 3
(, 3 )
- 5 11%
o ( ) '16 1,560
, 100
10
-
- Automatec, Casmar Electronica Chile S.A, Davantec Technologias Y Consultorias
Limitida, Support Services Limitida
o ( )
-
('17 1), '17 12
-
-
- xxi -
Digital Agenda 2020( ) (16.1)
o () ,
.
5)
o () ,
o ( )
10%
-
- '14 750
(Technavio, 15)
o ( )
-
Intelligente Solution 9
- 300-400
10
o ( )
- ('17 11 5 ) 1(PLC)
(17.9)
o ()
,
4.
1)
o () 2000
-
- xxii -
2015
o ( ) 2,550 ,
4,830 7,380
- '14~'17 GCC
8 3,400 15%
- GCC CCTV
o ( ) ,
,
- Thales Lockheed Martin
- First Information Security, Sachin Technologies LLC, Vision Innovative Technologies
LLC, Gulf Business Machines(GBM) Oman
o ( )
- OCERT, FIRST(Forum of Incident Response and Security Teams)
(17.6)
FIRST
- ISO/IEC 17025 (17.4)
- Oman Airports Management Company(OAMC),
Lockheed Martin BEONTRA Suite (16.3)
o ()
, , AS .
'16
2) UAE
o () UAE
, ,
o ( ) UAE
,
/
-
- xxiii -
- 16 UAE 16.6 (SDI, '16)
- 13.6 , 2.4 , 6
82%
o ( ) UAE ,
- UAE , Thales,
IBM, UTC( GE Security), Honeywell, Schneider/Pelco, Siemens, Johnson Controls,
Cisco , Kaspersky Lab, Trend Micro
o ( )
- UAE
(Dubai Electronic Security Center) (17.5)
- '17 5 Smart Grid Security Summit
(17.5)
- du, du(du Enterprise Security Operations Center)'
(16.10)
o () , , ,
, SOC,
, UAE
3)
o () '22
,
o ( ) ,
- '16 3 8,000 , 353
- '25 1.58%
(SDI, '16.10)
o ( )
- , , IT ,
-
- xxiv -
,
G4S
o ( )
- ,
(17.7)
- UAE
(17.5)
o () , ,
. ,
,
4)
o ()
,
o ( )
,
,
- 4 4,000 (Barnes Reports, '15.12)
-
,
o ( ) 16 1
- 5,810 ,
4,260, 636
(628), (145), (141)
o ( )
- , ICT
(17.8)
- 17 5~7 2 2 PC
o ()
-
- xxv -
AS . , , ,
.
,
5)
o () 2030(National
Transformation Program and Saudi Vision 2030)
o ( ) GCC , UAE, , ,
,
- 15 6 3 15 ~ 25 3.07%
2025 8 5,500 (SDI, '15)
- CCTV , 14~19
23%
o ( ) IT
- GCC Thales, IBM, UTC( GE
Security), Honeywell, Schneider/Pelco, Siemens, Johnson Controls, Cisco, ARINC
Axis Communications
o ( )
- (NCSC),
(17.2)
- 5 Shamoon 16
11 ~17 1
o ()
,
6)
o () ITU (GCI 2017) 20 (mature)
,
o ( ) ,
-
- xxvi -
- 15 1 8,700 ,
3.73% 25 2 7,000 (SDI, '16.3)
- '16 , CCTV
, ,
o ( )
- Check Point, CyberArk, Comsec
- NICE Systems
, 350
o ( )
- TD .
, TD (17.10)
-
(17.7)
o () R&D
5.
1)
o () ICT ,
o ( ) '14 380, '15
1,823
- , , ,
, (SERIANU, 16)
-
- CCTV '16 397
o ( ) NRD(Norway Registers Development) East Africa
Ltd. Lumension, IBM Security,
AccessData, Qualys, FireEye, Fortibet and Vasco
-
- xxvii -
- IT , ICT ,
, ,
- Kiwango Security Guard, Cyberoam , Raha, Benson
Security Systems(BSS)
o ( )
-
(17.10)
-
(17.7)
- 3 Tigo (17.2)
o () , ,
.
, , AS .
, ODA, EDCF
2)
o () ICT ,
(RDB) ICT(Ministry of Youth and ICT)
o ( ) 2017 (NCSA)
- '17 280
- CCTV '10 , '16
176.3
o ( ) CCTV
- CCTV
o ( )
- Kagame, Huawei Ms. Sun
Yafang(Chairwoman) ICT
-
- xxviii -
Huawei MoU (17.3)
- WISeKey International Holding, 17
/IoT
(17.3)
o () SOC, PKI ,
. Joint Venture
3)
o ()
(Kenya Security Survey 2016)
o ( ) ICT
,
IT
- '17 2,330
- '15 10 (SDI, '16)
o ( ) Symantec Cyberoam
ISP
- ,
- Symantec, NetGuardians, Cyberroam
Pamoja, Sofgen, BusinessIT Africa
- IT Naisoft
- AccessKenya Security Risks Solution
Internet Solutions Kenya Managed Security Service(MSS)
o ( )
- 2016(Computer and cybercrime Bill)' (17.4)
o ()
.
, , AS
-
- xxix -
4)
o () ,
, ICT
o ( )
- ICT GDP
'17 420
o ( )
- Microsoft, IBM, Cisco IT
- IPX Gabon , VSAT
30
o ( )
- ANINF Kaspersky Lab
MOU (16.6)
- Microsoft CityNext
(16.3)
o () 1
.
5)
o ()
o ( )
- ICT GDP
'17 430
- CCTV ,
'16 57.8
-
- xxx -
o ( ) IT Microsoft, Cisco, IBM IT ,
-
IBM IT
- DVR, ,
1 ,
2 ,
o ( )
- , ,
(CDP) (17.3)
- ,
(16.1)
o () .
ODA,
EDCF 2~3
6)
o ()
10 10%
,
o ( )
- ICT GDP
'17 2,410
- CCTV '16 436 ,
1 4,031
o ( )
IT 2~3
- (INSA) Kaspersky
Kaspersky
-
1
1. 1
2. 6
3. 7
8
1. 8
. 10
. 72
. 101
. 151
. 199
2. 238
. 240
. 275
. 298
. 330
. 352
. 365
. 383
. 405
3. 430
. 432
. 460
. 476
. 501
. 525
4. 541
. 543
. UAE 569
. 593
-
. 611
. 633
. 654
5. 691
. 693
. 720
. 754
. 771
. 783
. 796
809
1. 809
2. 30 811
3. 814
867
-
- 1 -
I
1.
m , , , IT
(IoT) IoT /
(surface attack)
- IT Gartner , IoT 1997~2016 20 60
, 2017~2019 3 210
- IoT 2013-2020 24% ,
2020 8 4,100
IoT (: )
: Gartner(2016)
- Gartner 2017 9 2020
-
- 2 -
90
- 2016 HummingBad 8,500 , QuadRooter 9 , Godless Malware 85
ICT
m ICT
CIO 2017
- Morgan Stanley EU 100
CIO 1 , 2 ,
EU CIO IT
: Morgan Stanley(2017.1)
-
- 3 -
- Piper Jaffray CIO
80% 2017 IT
2017 IT
: Piper Jaffray (2017.1)
5 12.9%
- IT Technavio , 2016
1,003 6 5 12.9% 2021 1,839 6
- 2016 347 ,
305 6 , 216 8
-
- 4 -
( : )
: Technavio(2017.9)
Memoori Business Intelligence
, (Surveillance)
2016 284 4,000
* Memoori
- Memoori 2015 4.5% , 5
8.2% , 5 5.6%
2021 374 3,000
- Memoori 2014 252 8,000
, 134 8,000 ( 53%),
61 8,000 (24%), 56 2,000 (23%)
- 2014 7.5% , 9.9% ,
IP ,
10%
-
- 5 -
2) ( : )
: Memoori Business Intelligence, The Physical Security Business 2016 to 2021(2016.4Q)
,
- ICT , ,
-
2)
-
- 6 -
2.
1)
- , , ,
, , ,
- ,
, , , ,
*
2)
5 , 30
(5) - , , , ,
(8) - , , , , , , ,
(5) - , , , ,
(6) - , UAE, , , ,
(6) - , , , , ,
-
- 7 -
- 3(, , )
- G3
, 4 ,
, , ,
- 2 , FTA
, , ICT ,
- ICT
,
UAE, 2022 ,
-
, , , , ,
3.
1 , 2 , 3
3
- 1 , ,
- 2 30
- 3
27
-
- 8 -
II
1.
m
,
- GDP 18 6 , 1 GDP 57,4674(2016)
, , , 3
-
- , , ,
(2016 )
(US$ )
(US$ )
1948. 8. 695 432, , , ,
,
, , , ,,
1965. 12. 244 475
, , ,
, , , ,
1886. 6. 64 189
, , , ,
, /
, , ,
,
1884. 4. 63 52, , ,
, , , ,
1883. 11. 25 58, ,
, ,
, , , ,
,
: Kotra-, 2017
-
- 9 -
(ITU) , ICT
(, ) ICT
(ICT development Index, IDI)
- 2016 ICT (ICT Development Index, IDI)
ICT IDI
8.57 5, 10, 12
ICT(IDI)
IDI(2016) (access) (use) (skill)
15 8.17 19 8.27 18 7.57 1 9.18
10 8.37 10 8.80 8 8.14 35 7.97
12 8.31 5 9.09 21 7.49 23 8.36
5 8.57 3 9.24 9 8.09 29 8.18
16 8.11 12 8.70 17 7.61 36 7.94
1 8.84 8 8.99 3 8.57 3 9.08
: ITU, Measuring the Information Society Report 2016(2016)
-
- 10 -
.
ITU (Global Cybersecurity Index, GCI) , , ,
( , , )
2017 GCI
5
0.919 2
0.782 13
ICT ICT 10%
ITU ICT (IDI 2016) 8.17 15 8.84 1
(Access) 8.27 19 8.99 8
(Use) 7.57 18 8.57 3
(Skills) 9.18 1 9.08 3
ITU (GCI 2017) 0.919 2 0.782 13
UN (2016) 0.842 12 0.892 3
WEF (NRI 2016) 5.8 5 5.6 13
ICT (ITU, 2016 ) 127% LTE 70%
( ) (%) ( ) (%)
121,530 37.1 28,035 56.1
106,072 32.4 20,555 41.1
416,684 127.2 61,295 122.7
76.18% 92.7%
17 GDP() 19,417.10
'17 () 326,625
-
- 11 -
1)
)
m
ITU 2017 Global Cybersecurity Index(GCI)
0.919 2 , 1
- , 5
, ,
-
1.0 0.9
,
- 2017 4, Symantec , 2016
, , 23.96% 1
- 2 9.63%, 3 5.84%
- NexusGuard DDoS , 2016 2 DDoS
83% 159,704 76,462
DDoS 3
-
- , ,
Symantec , 36%
-
- 12 -
- 64% , 34%
, 266% ,
1,077
m
,
- , , ,
,
-
,
- , ,
- ,
,
- , , ,
- , ,
2
-
- 13 -
)
- 2016 2015 1.3% 1 2,153
( 37.96%)
-
- AT&T, Verizon, Century Link Inc. ,
(44.1%) (29.9%)
(: )
: ITU Statistics DB(2017.6)
- 2016 2015 1.0% 1 1,470
, 32.4%
-
- 14 -
(: )
: ITU Statistics DB(2017.6)
- 2016 2015 9.5% 4 1,668
, 127.1%
- Strategy Analytics ,
Verizon, AT&T, Sprint, T-Mobile 80%
- Buddecomm , Mobile-Only 2008 18% 2017
49%
- LTE 5G
97% 3
2000 88%
-
- 15 -
(: )
: ITU Statistics DB(2017.6)
2)
)
m
,
- Strategic Defence Intelligence( SDI) ,
2024 50%
,
- 1/3 IT
-
- 16 -
- ,
(DoD), (DHS)
- 2010 130
, 2016 10 140
- (TIA) , (
) , 2017 635
- 2017 (Critical Infrastructure)
124 , 105
,
,
- 10%
,
(VPN)
- ,
,
(SIEM, Security Information & Event Management)
- IT PC
- , 2013~2023
,
34%
-
- 17 -
2013~2023
Einstein intrusion detection system
- 2010~202113 5 (~2014), 38
Cyber Genome project
- 2010~2013 7,700
Automated Program Analysis for Cybersecurity(APAC)
- 2012~2015 4,000
Mission-oriented Resilient Clouds(MRC)
- 2011~2020 -
Active Authentication Program(AAP)
IAM - 2013~2016 -
National Cyber Range(NCR)
- 2011~2015 5,400
Sensor Shadow - Cyberspace Operations Program
General Dynamics Advanced Information Systems(GD-AIS)
2012~2014 500
Agile Cyber Technology(ACT) programme
L-3 Stratis 2012~2017 300
Cyber Analytical Information Technology Services
Point One Inc 2010~2015 6,832
Cyber Camouflage, Concealment and Deception
- 2011 -
: SDI, The Cyber Security Market in the United States to 2025(2016.3)
,
- , ,
5,000
-
,
- 300
- , ,
-
- 18 -
,
-
OEM
- ,
- ,
- ,
,
, ,
: Ken Research, The US Electronics Security Industry Outlook to 2017(2013.6)
m
SDI 3), 2015 67
, 2025 (CAGR) 2.70% 87
- 2023 2023
-
3) SDI, 'The Cyber Security Market in the United States to 2025: Market Brief'(2016.3)
-
- 19 -
- 3%
(Identity & Access)
(2015~2025)
(: )
6.77.6
8.3 8.6 8.38.9 8.9
9.7 109.3
8.7
0
2
4
6
8
10
12
2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2015
: SDI, The Cyber Security Market in the United States to 2025(2016.3)
Markets and Market , 2016
2,475 , 2021 4,565
- 2017 317 , 18%
- Frost & Sullivan 2020
ICT 100
- 2017 180 5 4.4%
2022 220
,
- (Software as a Service, SaaS)
,
- SECaas(Security-as-a-Service)
, ,
-
- 20 -
- (SIEM: Security
Information & Event Management) , SIEM
SDI , 2016 2,320
2025 3,505
- 1.01%
(: )
: SDI, 'United States Defense Spends on Homeland Security'(2016.8)
Barnes & Co. ,
, 2015 163 6,180 2016 175 5,900
2017 188 8,690
-
- ,
DIY
- 2020 DIY 15 ,
(Security) 58%
-
- 21 -
(2013~2017)
(: )
14682.215507.3
16361.817559
18886.9
0
2000
4000
6000
8000
10000
12000
14000
16000
18000
20000
2013 2014 2015 2016 2017
: Barnes Reports, '2016 U.S. Industry & Market Outlook: Security Systems Services
Industry' (2016.5)
-
- /
- IT
- , Cisco IT
, (managed security)
- ,
-
- 22 -
)
m
57% ,
31% 2, 16%, 14%
- SDI , 2015 35
2015 2025 489
- 2015 14 2025 18
- 2015
70%
- , 2015 8 8,600
2025 3.27%
(2015~2025)
(: )
2015 2025
(2015-2025)
(2015-2025)
3.5 4.8 48.9 3.32%
1.4 1.8 22.0 2.73%
0.925 1.4 14.9 4.55%
0.886 0.636 9.2 -3.27%
6.7 8.7 94.9 2.70%
: SDI, 'The Cyber Security Market in the United States to 2025'(2016.3)
-
- 23 -
(2017)
: SDI, 'The Cyber Security Market in the United States to 2025'(2016.3)
-
- Symantec, McAfee, Kaspersky Lab, Trend Micro
,
- (On-Premise)
- , (IoT), ICT
- Cisco, Juniper, F5 (Virtual Private Network, VPN)
VPN
IT
- 2015 9 2,500 2025
4.55% 149
-
-
- 24 -
- ,
- (On-Premise)
,
IBIS World ,
61.6% , ,
5
- 29.1%
- 9.3% ,
2017 5 Morgan Stanley CSO(Chief Security Officer)
, Firewall
3
- 2017 6% 3 IT
4% 9%
- 30% CSO 2017 Firewall
2016 27% . CSO
APT
- ,
, (Cloud Access Security
Brokerage Solution)
Barclays CIO(Chief Information Officer) , 7
12 71
- , , 2015
1~3
-
- 25 -
- APT 2015 13 2016 17
- , , DDos , Firewall 2015
CIO ( 12 )
: Barclays, 'US Software-Security, Design & VSS: Stock-Pickers Market in 2017, 2017.01
- ()
,
- ( ) IAM
,
- ( /) SIEM/Data Analytics
1) , 2) 3~5
- ( ) CIO ,
SaaS
- ( ) CIO , (Firewall) 12 ,
2017 ~2018
-
- 26 -
m
B2C
B2B
-
- , ,
(SI)
- ,
(Distributor/Retailer)
-
, 2000
-
- IT SW (Wholesales) PC ,
(Retailer) , 2004
- IT (Distributor) Ingram Micro, Tech Data, Avnet,
Arrow Electronics, SYNNEX
- ,
Best buy, Circuit City, OfficeDepot, Staples
- , SaaS(Software as a Service)
SaaS
Ingram Micro Avent IT
70%
-
- 27 -
IT
Ingram Micro, Inc. IT Peripherals, Systems, Software(15~20%), Networking
Avnet, Inc.Electronics, Technology Solutions, Logistics, Managed
Technologies
Tech Data Corp. IT Peripherals, Systems, Software, Networking
Arrow Electronics, Inc.
Semiconductors, Computing Solutions, OEM
Computing solutions, Passive, electromechanical and
connectors
Tyco International
Hardware and software products, application
development, asset and lifecycle management, product
procurement, systems integration, and training
SYNNEX Corporation PCs, servers, and software
IKON Office Solutions, Inc.
Scopiers, printers, fax machines, office supplies,
document management outsourcing, electronic file
conversions, facilities management
ScanSource, Inc.
Automatic identification and data capture (AIDC)
products, point-of-sale(POS) products, voice and data
communications products and electronic security
equipment
Newegg Inc.
Cell phones, digital cameras, home appliances,
networking devices, peripherals, DVDs, accessories, and
software
MA Laboratories, Inc.
Memory modules, hard drives, motherboards, modems,
power supplies, and graphics cards, monitors, software,
GPS systems, network cards, digital cameras, notebook
computers, wireless networking gear, digital music
players, etc
: Wikipedia, Google Finance
- (ISV), VAR(Value-added reseller),
(MSP) (channel partnership)
-
m
, , , . ,
. ,
-
- 28 -
- Barnes & Co. ,
2017 () 119 200
, 2 1,370
-
58 900
- 8 2,600 , 3,780
- 4 6,920 ,
4 2,000
(2017)
(: )
(2014)
(2017)
(2017)
(2017) 10,713.0 11,902.5 21,370 98,103
5,302.0 5,890.7 3,190 20,284
378.2 420.2 730 3,780
743.5 826.0 3,151 12,886
422.3 469.2 706 2,897
: Barnes Reports, '2016 U.S. Industry & Market Outlook: Security Systems Services
Industry' (2016.5)
Barnes & Co.(Barnes Reports) , 2017
61%, 31%, 4%, 3%,
2% , 2014
-
- 29 -
(2017)
: Barnes & Co.
5
- (28.1%): ,
28.1%
- (22.4%): 22.4%
- (16.6%): 16.6%
- (14.5%): 14.5%
- (18.4%): 18.4%
: IBIS World
- , , ,
-
- 30 -
- 1:2
,
-
-
- (Electronic Access Control System)
- ,
- , ,
5
- 2013
(Office of Biometric Identity Management)
- 2016 14.0%
5 7.8%, 54
-
-
,
,
-
- 31 -
, ,
- ,
VSaaS
IP
- , ,
CCTV'
- IP DVR
- CCTV CCTV
,
- CCTV AI CCTV CCTV AI
, , &
m
(Wholesales)
- ,
-
,
- ,
OEM
-
-
- 32 -
55%
-
-
-
,
- 3D
,
- 15.0%
- , ,
14.0%
, ,
GSA (GSA
contractor)
- GSA contractor /
- GSA contractor
,
- GSA contractor
,
,
- ADT Security Service
-
- 33 -
- Ingram Micro
ADT Security Service
-
, 400
- 200
Ingram Micro
- IT,
- 48 162 150
17 (Best Busy, Future shop, Staples )
- Sony, HP 1,400 ,
OEM
PELIKANCAM- GSA
- CCTV , DVR, IP &
A1 Security Cameras
-
- GSA , , ,
-
: Wikipedia, Google Finance
)
m
q
,
- EMC, Check Point, Fortinet, McAfee, HP Security, Cisco, Symantec, Trend Micro,
Palo Alto Networks, Blue Coat Systems, Check Point Technology, Kaspersky Lab
- Symantec, McAfee, Check Point 3 2011 35.4%
-
- 34 -
2016 32.8%
- D.C. ,
-
(M&A) ,
- AI() Symantec, IBM
-
- 35 -
(: )
2017.05.24 Microsoft Hexadite N/A 100
2016.09.20 Fortinet AccelOps N/A 28
2016.09.18 Oracle Palerra N/A N/A
2016.09.07 TPG Intel Security (51%) N/A 3,100
2016.07.28 Oracle Netsuite N/A 9,300
2016.06.28 Cisco Systems CloudLock N/A 293
2016.06.12 Symantec Blue Coat Systems 7.8 4,650
2016.06.01 Vista Equity Partners Ping Identity Corp. N/A N/A
2016.02.20 IBM Resilient Systems N/A N/A
2016.01.30 Fire Eye iSIGHT Partners N/A 275
2016.01.15 IBM IRIS Analytics N/A N/A
2015.11.09 Blue Coat Systems Elastica Inc. N/A 280
2015.09.08 Microsoft Adallom N/A N/A
2015.07.30 Blue Coat Systems Perspecsys Inc. 13.3 44.7
2015.05.27 Palo Alto Networks CirroSecure N/A 18
2015.03.31 CipherCloud Anicut Systems N/A N/A
2015.02.05 Intuit Inc. Porticor Ltd. N/A N/A
2014.06.12 CloudLock Innovode Ltd. N/A N/A
2014.02.06 Imperva SkyFence Networks N/A 60
2014.01.15 CipherCloud CloudUp Networks N/A N/A
2013.11.07 HyTrust HighCloud Security N/A N/A
2013.10.03 Cloud Security Corp. App Ventured LTD N/A 2
2013.09.26 Intermedia.net SaaSID N/A N/A
2013.07.23 Cisco Systems Sourcefire N/A 2,700
: 451 Research, Oppenheimer Research, (2017.9)
Barclays ,
(Firewall) Palo Alto Networks Fortinet
Cisco, Check Point Juniper
- Palo Alto Networks 2013 5.3% 2015 10.1%
-
- 36 -
2013 2014 2015
Cisco 19.6% 19.4% 18.1%
Check Point 14.9% 14.4% 14.1%
Palo Alto Networks 5.3% 7.5% 10.1%
Fortinet 6.7% 7.4% 8.4%
Juniper 6.4% 4.7% 4.1%
47.1% 46.5% 45.1%
100.0% 100.0% 100.0%
: Barclays, US Software Security, Design & VSS: Stock-Picker's Market in 2017
Barclays CIO , 12
Palo Alto Networks 2015
Check Point Symantec
- Palo Alto Networks 2015 25 2016 50
, Firewall
- FireEye, Cisco Systems, Trend Micro, Splunk 2015
2016 2 5
- , 2015 1 Check Point 2016 9,
Symantec 2015 2 2016 6
- , F5 Juniper , 2016 2015
-
- 37 -
CIO (2015 ~2016 )
2016 2016 2015
Palo Alto Networks 50 36 25
FireEye 47 48 39
Cisco Systems 41 47 16
Trend Micro 25 22 12
Splunk 24 24 14
Symantec 24 34 45
F5 19 21 38
Fortinet 18 6 5
Check Point 15 16 60
Juniper 11 15 24
Proofpoint 8 5 3
Imperva 5 5 3
Barracuda Networks 3 1 1
Sophos 3 6 6
Hewlett-Packard Enterprise 2 NA NA
Rapid7 2 0 0
CyberArk 1 0 0
Qualys 1 1 0
Radware 1 0 0
: Barclays, US Software Security, Design & VSS: Stock-Picker's Market in 2017
q
IT
- 300~400
, ,
5,000
- United Technologies, Honeywell International,
Tyco International 3
- Assa Abloy(), Checkpoint Systems, L-3 Communication, Robert
-
- 38 -
Bosch(), Safran()
-
- ,
2010
- Diebold Security Stanley Black & Decker
,
m
q
Symantec Corporation
- Symantec 2016
- , , ,
1
- 2016 6 Blue Coat Systems
- ,
,
- Symantec Norton
- , ,
- Norton
-
- 39 -
- Symantec Mobile Security iOS, Android Windows OS
- , , SMS
, Symantec Mobile Management Platform
- Symantec ATP Suite
, ()
- Technology Business Review(TBR) '2015-2020 (Enterprise
Security Market Forecast) , Symantec
2
2020 4
- 2016 11, AI SEP 14
(Symantec Endpoint Protection 14) 100
,
90 AI
Trend Micro
- Trend Micro , , , ,
, , ,
- , Symantec, McAfee
, , (Virtualization),
, (APT), (IoT)
- Amazon AWS Microsoft Azure Trend
Micro 2014 Trend Micro
- Trend Micro , ,
,
- (stand-alone) , Trend Micro Control Manager
Trend Micro
- Trend Micro 2017 3, NSS Labs
-
- 40 -
Palo Alto Networks
- 2007
(APT)
- (IPS), , URL
Wildfire Traps
- 2014 Cyvera
Traps
- 2016 ,
-
R&D
- , ,
- (APT) Wildfire
, , SecaaS
(CASB)
- Palo Alto 2017 10
(SaaS)
Cisco Systems
- , Service Provider
Video, , ,
- Cisco Systems 2015
(Security Everywhere)
-
-
(Before) (During) (After)
-
- 41 -
- 2013 Sourcefire 2014 Open
DNS 2015 Ericsson
- 2015 10
Lancope
- 2016 6 CloudLock 2017
1 Cisco
- , , ,
M&A
Check Point Software Technologies
- Check Point Software Technologies
4
- 10 ,
- , , ,
-
2012
- Check Point , (VPN),
(IPS), , URL , , , ID
-
- 2016 CheckPoint R80
, ,
-
-
- 42 -
Fortinet
- Fortinet Unified
Threat Management(UMT)
- , , , MSSP
- , FortiGate , VPN, , ,
, , , DLP, WAN , WLAN
- FortiGate ,
2
McAfee( Intel Security Group)
- Intel 2011 McAfee
2016 TPG 51%
- Intel Security Group 2017 McAfee
- Intel McAfee
,
- , , ,
,
,
q
Tyco Integrated Security
- Tyco International Ltd. ,
- ,
- , , ,
-
- 43 -
Stanley Convergent Security Solutions
- Stanley Black & Decker
, , .
- 30
- , , , ,
- , CCTV/ , ,
,
Vivint Inc.
-
-
,
- , , , ,
Monitronics International
- , 450
- 2010 Ascent Capital Group
- , , ,
,
Dieblod Security
- , ,
-
- ATM ,
Vector Security Incorporation
- 10
-
- 44 -
,
- 26
- , , , ,
Guardian Protection Services
- 1950 ,
, 25
- , , , , , ,
Raytheon
- 4 , , , ,
, ,
-
(supply registration)
)
MS 2014 Hexadite 1 ( 1,119
) (2017.5)
- Hexadite 2014 ,
35
-
RSA 2017 Fortinet, McAfee, Palo Alto
Networks, Symantec (Cyber Threat Alliance, CTA)
-
- 45 -
(2017.2)
- CTA
(cybersecurity coordinator) (Michael Daniel)
- , Check Point Cisco Systems CTA
- CTA
,
(STIX/TAXII)
IBM (AI) (Watson for Cyber
Security) (2017.2)
- IBM
, , ,
- IBM
IBM
- IBM Watson
IBM X-Force 8
,
DNS , IoT (2016.10)
- Dyn
- (Mirai)
,
- , , (IoT)
... (2016.10)
- Nationwide 80%
-
- 46 -
- 2015
, 60% 1
- 2,800
2016 9
(Improving Small Business Cyber Security Act)
Intel, TPG Intel Security (2016.09)
- Intel Intel Security 51% TPG 31
2017 McAfee
- Intel 2011 McAfee 77 2014 Intel Security
- Intel PC
, TPG
IT , VSA (2016.09)
- 9 IT
(Vendor Security Alliance, VSA)
- VSA Uber, Twitter, Dropbox, Docker, Palantir, Atlassian, GoDaddy, Square,
Airbnb
- VSA
, VSA
3
Symantec, Blue Coat Systems (2016.08)
- Symantec
- Blue Coat Systems 2015 Elastica
(Cloud Access Security Broker, CASB)
-
- 47 -
Auto-ISAC, (2016.07)
- Auto-ISAC
-
- Auto-ISAC
- ,
Cisco, CASB CloudLock 2 9,300 (2016.06)
- CloudLock IaaS, PaaS, SaaS
Cisco
- (IoT), , ,
Cisco
- , Cisco 2013 (IPS) Sourcefire ,
ThreatGRID, Open DNS, Lancope
ICSA Lab, IoT (2016.05)
- ICSA Lab
- , IoT
6
-
IoT
-
- 48 -
3)
)
m
1988
, 3
1991
- 1996 (Presidents Commission on
Critical Infrastructure Protection, PCCIP)
- 1996 (National Information Infrastructure Protection Act of
1996)
- , ,
,
,
9.11
(USA PATRIOT ACT of 2001)
-
-
-
-
2013 6
NSA (FISA)
2008
-
- 49 -
- 2005
2002 11
(DHS)
- 17 ,
2 3 2
10 (Information Security)
- 3 2 (Critical Infrastructure
Information Act)
,
, , ,
, ,
- FBI (NIPC), (NCS),
(CIAO)
, (GSA) (FedCIRC)
-
2002
(Federal
Information Security Management Act, FISMA)
-
-
- (NIST)
, NIST
-
- 50 -
(Cyber Security Enhancement Act) 2002
- 225 (Computer Fraud and
Abuse Act. CFAA) 1030
-
20 ,
-
(ISP) ,
,
2009
2015
- , ,
- (Cybersecurity Advisory Panel)
-
,
2015
(Cyber Security Act 2015)
- 2015 (CISA, S.654), (PCNA, H.R.1560), (NCPAA, H.R.1731) 3
- (Cybersecurity Information Sharing Act, CISA) 2 2015 (Cybersecurity Act of 2015)
-
,
-
- 51 -
- , ,
(, )
- ,
(cause of action) ,
- ,
(
)
-
- (National Cybersecurity and Communications
Integration Center, NCCIC) ,
-
,
- ,
, ,
2016
-
(cyber incidents)
(Defense Industrial Base Cybersecurity Activities)
11 3
-
, , , , ,
-
(covered defense information) 72
-
- 52 -
,
, , , ,
- ,
, (DOD Cyber
Crime Center)
m
q (1998~2002)
2001 9.11
- 1998 5, (PDD, Presidential Decision Directive) 63
,
- 2001 9.11
(EO, Executive Order)
- 13228(01.10.8 ) (Office of Homeland
Security) (Homeland Security Council) (01.10),
PDD-63 13231(01.10.16 )
q (2003~2008)
2003 3(Homeland Security Act
(DHS)
- , ,
,
- 2008 1 23(NSPD-54/HSPD-23, National Security
Presidential Directive-54/Homeland Security Presidential Directive- 23) ,
(CNCI, Comprehensive National
-
- 53 -
Cybersecurity Initiatives)
q (2009~2016)
2009 1
- 2009 2
(CNCI)
(NSC, National Security Council) (Homeland Security
Council)
- 2009 5 (Cyberspace Policy Review)
- 2009 12 2003
-
(Cybersecurity Directorate)
- 2010 , (
CNCI)
-
,
,
- 2011 5
, , ,
3
(International Strategy for Cyberspace)
2013 2 , ,
-
- 54 -
-
-
, ,
- , (State, Local, Tribal, Territorial Entities, SLTT)
- , ,
2015 2 (Promoting
Private Sector Cybersecurity Information Sharing EXECUTIVE ORDER 13691)
- (1) (2)
(3)
- (Information Sharing and Analysis Organizations:
ISAOs) (DHS)
- ISAO , ,
,
-
-
(ISAOs)
- (National
Cybersecurity and Communications Integration Center, NCCIC) ISAOs
ISAOs
- ISAOs
,
''(Fair Information Practice Principles, FIPP)
- 2015
-
- 55 -
)
(Cyber Security Coordinator, CSC)
- 2009 12
- 2003
(President's Critical Infrastructure Protection Board)
2016 Michael
Daniel
- , ,
- ,
(Cybersecurity Directorate)
,
- (National Economic Council, NEC)
(Office of Management and Budget, OMB)
(Office of Science and Technology Policy, OSTP)
(Department of Homeland Security, DHS)
- 2003 3 (Homeland Security Act)
(DHS)
- , ,
-
- 2009 10 30 IT
(NCCIC: The National Cybersecurity and Communications
-
- 56 -
Integration Center)
-
(National Cybersecurity
Center, NCSC) (US-CERT) (National
Coordinating Center for Telecommunications, NCC)
- 1998 5
(Presidential Decision Directive-63, PDD-63)
(National Infrastructure Protection Center, NIPC)
- (FBI) , 2003
- ICS-CERT
(Department of Defense, DOD)
- 2010 10 (U.S. Strategic Command) , , ,
(U.S. Cyber
Command, USCYBERCOM)
- 2009 1 (Network-Centric Warfare,
NCW) , ,
- (DOD) (DHS) ,
, , 2011 7
(DOD)
- 2016
(Department of Justice, DOJ)
- (FBI) (Cyber
Division) , , , ,
5
-
/ ,
-
- 57 -
- FBI 22
(National Institute of Standards and Technology, NIST)
- (Federal Information Security
Management Act, FISMA) ,
- 2010 3 , (NICE,
National Initiative for Cybersecurity Education)
- 2014 2
(Cybersecurity Framework)
- 2015 6 , , , ,
- 2016 4
R&D
- 2016 7 (NIST SP 800-63B )
SMS 2
- NIST,
-
- 58 -
2013~2023
Einstein intrusion detection system
- 2010~202113 5 (~2014), 38
Cyber Genome project - 2010~2013 7,700
Automated Program Analysis for Cybersecurity(APAC)
- 2012~2015 4,000
Mission-oriented Resilient Clouds(MRC)
- 2011~2020 -
Active Authentication Program(AAP)
IAM - 2013~2016 -
National Cyber Range(NCR)
- 2011~2015 5,400
Sensor Shadow - Cyberspace Operations Program
General Dynamics Advanced Information Systems(GD-AIS)
2012~2014 500
Agile Cyber Technology(ACT) programme
L-3 Stratis 2012~2017 300
Cyber Analytical Information Technology Services
Point One Inc 2010~2015 6,832
Cyber Camouflage, Concealment and Deception
- 2011 -
: SDI, 'The Cyber Security Market in the United States to 2025'(2016.3)
)
2017 7,
((Medical Device Cybersecurity Act of
2017,S.1656)
-
- (report card)
,
- HIMSS4)
-
- 59 -
(MSD2)
5)
,
- , (Federal Communications Commission,
FCC) UL(Underwriters Laboratory)
- CC(Common Criteria)
(Office of Management and Budget,
OMB), (National Institute of Standards and Technology,
NIST), (Chief Information Officer, CIO)
- (OMB)
(CIO)
- (NIST)
/ ,
- (CIO) , (OMB)
NIST
4) Healthcare Information and Management Systems Society IT
, MSD2
5)
-
- 60 -
: KHNP
q FCC(Federal Communication Commission)
(Federal Communications
Commission, FCC)
- FCC
- , CD, DVD
(Radiation) FDA
-
- 10KHz~3,000GHz
,
(EMI)
- FCC
,
- FCC , //
, , , , PC ,
-
- 61 -
, (, , )
- ,
FCC
FCC
- , (Certification)
, , FCC
- , (Verification)
FCC
FCC
- Communication Act( ) 47 CFR(The Code of
Federal Regulations: ), FCC CFR(Code
of Federal Register) Title 47 (Telecommunications)
- FCC , FCC
- FCC FCC ID
ID Grantee Code
- FCC ID FCC
FCC 4~6
q UL(Underwriters Laboratory)
UL UL UL
- 295 ,
UL UL
-
-
- 62 -
UL
- UL
- UL ,
, ,
- UL ,
UL
q CC(Common Criteria)
,
CC
- , 4(, , , ), TCSEC(Trusted
Computer Security Evaluation Center)( 1985 ), ITSEC(Information
Technology Security Evaluation Criteria)( 1992 ), CTCPEC(Canadian
Trusted Computer Product Evaluation Criteria)( 1993 )
- CC
, ,
- EAL1~EAL7
,
- (APE), (ASE),
(ACM), (ADO), (ADV), (AGD), (ALC),
(ATE), (AVA)
q (FedRAMP)
-
- 63 -
-
- (GSA) 2012 6 FedRAMP
(Federal Risk Authorization and Management Program)
-
(Third Party Assessment Organization, 3PAO)
- FedRAMP 1 8
,
- ,
FISMA , FedRAMP SSP
Security Controls (Documents) FedRAMP
FedRAMP
- FedRAMP NIST, CIO , ,
2
- IT
FedRAMP ,
-
q USGCB(U.S. Government Configuration Baseline)
PC
IT PC PC
- , PC
PC
,
- PC
PC
-
- 64 -
- USGCB SCAP(The Security Content Automation), FISMA(Federal
Information Security Management) IT
IT
q
SAFETY 2002 Homeland Security Act
-
- Applicant Account Application SAFETY Act
(NSA) NIAP(National Information Assurance Partnership)
- ,
-
-
- 65 -
)
(SELF DRIVE Act)6)
(2017.7)
- IT ,
-
,
7)
- ,
- , ,
( , / )
,
8) IoT
, IoT
(2017.8)
- 2020 IoT 200 IoT
DDoS , IoT
- IoT ,
- 180 IoT
6) H.R 3388 "Self Drive Act" Safely Ensuring Lives Future Deployment and Research In Vehicle
Evolution Act"
7) (NHTSA) 2015 7.7% 1966
94%
8) executive agency. , ,
-
- 66 -
(CIO)
SB 90 (2017.7)
- CIO
CIO , CIO
- IT
CIO , IT CIO
, ,
, (2017.6)
-
-
- ,
(DHS)
9)
(Hack the DHS Act) (2017.6)
-
180
(2017.5)
- FBI, FCC, FAA
9)
-
- 67 -
- 2)
, (NIST)
3)
(Ransomware) 1)
10) (2017.2)
- 2016 3 (MedStar Helath)
- (extortion)
1,000
1,000
(FCC)
(Report and Oredr) (2016.11)
-
- (Customer Proprietary
Network Information, CPNI), ,
(Department of Defense) (cyber incidents)
(Defense Industrial
Base Cybersecurity Activities) (2016.10)
-
,
-
10) House Bill 340. Criminal Law - Extortion Unauthorized Software
-
- 68 -
, (2016.10)
-
(Continuous Diagnostics and Mitigation Program, CDM)
- (DHS) CDM ,
10 1
- CDM (DHS)
,
- ,
CDM
, (2016.09)
- 15 9 20 ,
-
-
,
- , , ,
NHTSA ,
- ,
ICIT, (2016.08)
- ICIT(Institute for Critical Infrastructure Technology)
(Hacking Elections is Easy! Part 1: Tactics, Techniques
and Procedures)
- (XP)
-
- 69 -
- ,
- , (FBI) ,
- ,
,
, (2016.08)
- (DOT) (FAA) (The Small
Unmanned Aircraft Regulations/Rules) 2016 8 29
-
, FAA
-
(Homeland Security Act of 2002) 2016
(Cybersecurity and Infrastructure Protection
Agency Act of 2016) (2016.6)
- (National Protection and Programs
Directorate, NPPD) '
(Cybersecurity and Infrastructure Protection Agency)'
, (2016.04)
- (Eastwest) ICS-ISAC(
)
-
-
- 70 -
- ,
- ,
,
, (Hack the Pentagon) (2016.03)
-
- 4 18 5
12 ( 488)
-
,
- 100 ,
- ,
(GAO), (DHS) (EINSTEIN) (2016.01)
- (GAO) (DHS) (NCPS)
, DHS 5
- , DHS (EINSTEIN)
09 12
- GAO NCPS 9
NSD NCPS ,
NSD NCPS
-
- 71 -
US-CERT
US-CERT
(CDM)
US-CERT ,
(CS&C) NCPS
, , ,
, ,
(CS&C)
NSD CDM
, DHS NCPS /
NSD
(ISP)
ICS-CERT, 7 (2015.12)
- ICS-CERT ,
7
- ICS-CERT 7
AWL(APPLICATION WHITELISTING)
/ :
-
- 72 -
.
ITU (Global Cybersecurity Index, GCI) 2016 5 , 2017
2 11
( , , )
2017 GCI
5
0.786 11
0.782 13
ICT ICT 10%
ITU ICT (IDI 2016) 8.37 10 8.84 1
(Access) 8.80 10 8.99 8
(Use) 8.14 8 8.57 3
(Skills) 7.97 35 9.08 3
ITU (GCI 2017) 0.786 11 0.782 13
UN (2016) 0.844 11 0.892 3
WEF (NRI 2016) 5.6 10 5.6 13
ICT (ITU, 2016 ) (ICT)
( ) (%) ( ) (%)
64,025 50.6 28,036 56.1
39,842 31.5 20,556 41.1
164,265 129.8 61,296 122.7
92.0% 92.7%
17 GDP() 4,812
'17 () 126,702
-
- 73 -
1)
)
2020 ,
,
- ,
2016 5 2 6
- , TV ,
- 2009 ,
2015 3,831
2015 6 125
,
- (IPA) 2015 10
-
- 74 -
)
-
- ITU , 2016 3,984 2,000
2.4%
- , ,
- ITU 2011 100% , 2016
1 6,426 5,000 120%
- , 2016
2.3%
- 3G 4G LTE
, (IoT), ,
ICT
: 2014-2016
: ITU(2017.6)
-
- 75 -
2)
)
m
2020
- 2013 3 ,
- () 11) , ,
- ,
, 2011
, 2014 ,
- PC
- ,
- , IoT
m
, 2016
4,704 , /, IP,
11) , , 2015.11
-
- 76 -
12)
- , IP NVR,
(: )
: (2017.2)
, ,
(JNSA)
13) , 2016 4.0%
9,327 9,000
- JNSA 2016 4,705 ,
4,260 4.8%, 8.1%
5.0%
12) , , /, , , 6 . 2015 11
13) 2017, 2017.6
-
- 77 -
( )
: (JNSA),(2017.6)
- , ,
, ID , ,
- , ,
, ,
2016 37.6%(1,767
)
- ID (17.9%), (14.9%)
-
- 78 -
2016
: (JNSA)(2017.6)
2016
40.7%(1,812 )
- (31.2%), (18.2%)
2016
: (JNSA)(2017.6)
-
- 79 -
m
, 2019 5,570 2016
17.8%
- /
2016 2015 4.4% 4,704
- ,
- , ,
, ,
- ,
- , 2016 5 2 6
2019 10 ,
- 2017
- 2018
(: )
: (2017.2)
-
- 80 -
JNSA 2017 5.0% 9,795
- 5,099 , 4,697
4.5%, 5.6%
- 2017
36.5%(1,862 ) , ID
(18.2%), (15.2%)
- 2017
40.5%(1,903 ) ,
(31.1%), (18.6%)
(: )
: (JNSA)(2017.6)
)
m
-
, TV ,
-
- 81 -
-
- , ,
- IP
- 2020 ,
-
IP
- IP
- IP NVR(Network Vedio Recorder) , NAS(Network
Attached Storage) ,
-
- 4K ,
, ,
, ,
-
, ,
- IP , , ,
- , HD-SDI(High Definition Serial
-
- 82 -
Digital Interface) , HD-SDI
- ,
- , ,
PC
- .
, ,
- PC
/
- 2015 2016
- ,
- , 2015
/
-
- 2016
-
- ,
-
- 83 -
- 0.5%
,
-
-
,
- , ,
,
-
- ,
,
- ,
,
-
- / ,
m
-
,
-
- 84 -
-
,
-
,
-
-
(13.7%) ,
18.6%
ID
- ID
(J-Sox) 2015
, 2016
17.9%
-
(CAS) ID
- (APT, Advanced Persistent Threat)
, ,
- , ,
, /
/
-
-
- 85 -
,
2016
: (JNSA)(2017.6)
m
- 2016 30%
2 3
-
-
15.4%
- 2016 1,812 ,
40.7% 2 1
- ,
,
(incident)
- SOC( )
-
- 86 -
-
,
, SI,
- 2005 4
2008 4 (J-Sox) 2004
10 () (BCP)
-
, (P) (ISMS)
-
, ,
- ,
, 2014 2015
- , ,
3~5
2016
: (JNSA)(2017.6)
-
- 87 -
)
m
IP
- IP
,
- Fujitsu, Hitachi, Mitsubishi, NEC, Oki, Panasonic, Toshiba, Sony
IP
- ,
,
IP
Trend
Micro 46.1% 56.4%
2015
: (2015)
-
- 88 -
- Symantec 24.8%, McAfee
19.5% 2 , 3~4
90%
m
q
Mitsubishi
- , , ,
,
-
NEC
- NEC
(NeoFace Monitor)
- PC InfoCage PC Security
- 2017 2 IC MultiWrite
8300
Oki Wintech
- Oki Electric Industry() , ,
- , ,
-
-
- 89 -
Photosynth
- Photosynth 2014
- Akerun
- Akerun
q 14)
Trend Micro
- 1989 1992
Trend Micro ,
1
- 2016 8
VirusBuster
- 2017 8 HITRUST
(HITRUST Cyber Threat Management and Response Center)
-
HITRUST Cyber Threat XChange(CTX)
Fujitsu
- Top 3 Fujitsu
- 2016 8, Fujitsu AZCloud SaaS Discussion
() - ,
- Fujitsu , 2015 10
, ,
14)
NEC, Fujitsu, Hitachi SI NTT, KDDI
. IT , ,
IT SI , SI SI
-
- 90 -
- 2016 9 Fujitsu Biometric Authentication PalmSecure-F Pro
Fujitsu Biometric Authentication Palm Vein Authentication Board
- 2017 7
Automated Indicator Sharing(AIS)
- Fujitsu 2016 8
, , AIS
Hitachi Solutions & Hitachi Systems
-
Hitachi (finger vein)
, Fujitsu
- Hitachi MS SharePoint
SharePoint 2016 10
- SharePoint Online
- ,
, 2016 4
Cylance AI Cylance
PROTECT
- , Hitachi
- Hitachi Systems 2017 3
IoT
- Security Brain IoT
Vinx
- IT ,
-
- 91 -
- Hybrid Series
Hybrid Security , ,
)
m
, , , ,
1/2, 1/2
- () ,
2016 ,
2020
-
- IT , ,
- ,
- ,
m
,
-
- 92 -
-
-
, 2018
,
- ATM 80%
- Fujitsu
1
- ,
3)
)
m
- 2012 8,
-
- 2014 6, IT
-
- 93 -
- 2003 IT
IT
- IT 2014 6 () 2015 ,
() - , 2015 9
3
-
- 2014 11,
2015 1 9
-
,
-
- ' '
-
,
- ,
,
- 2017 2,
-
- 94 -
- 2015 9 2017 5 30
()
-
-
m
- 2010 5 2020
- ,
,
-
- 95 -
- - -
- //
-
- -
/
- - -
- , ASEAN, EU -
- NISC
- -
- / -
: (2010.5)
- 2011 7
-
- 96 -
2012
- 2012 7 (National Information Security Center, NISC)
IT
2012
-
, , SNS, M2M
- , ,
, , , , ,
,
IoT 2017
- 2020 IoT ,
IoT
2017
- 5 (TF) ,
(speed-up), ,
- IoT 2017
- 2015 1 (NISC)
CYDER
- 2015 12
)
-
-
- 97 -
- 2013 2 15 3
IT
-
2001 1 '
(IT )'
- IT (NISC)
-
CSSC(Control System Security Center)
- (APT)
2012 3 , Hitachi, Toyota,
Toshiba, Trend Micro
-
- ,
(NISC)
- NISC , , ,
,
- , (NSC) IT
-
-
- 98 -
JPCERTl (JPCERT/CC, Japan Computer Emergency Response Team Coordination Center)
- ,
(CSIRT, Computer Security Incident Response
Team)
- 1996 , 2009 6
- FIRST(Forum for Incident Response and Security Teams)
CSIRT, CSIRT APCERT
- , (ISDAS, Internet Scan Data Acquisition
System) ,
- , CSIRT
- (IPA, Information-technology Promotion Agency)
Japan
Vulnerability Notes(https://jvn.jp/)
- 2015 9 , 2016 1 3
- ,
- 15)
-
,
)
JISEC ()
15)
. , 2015.9
-
- 99 -
- 2001 'ISO/IEC 15408'27) '
(Japan Information Technology Security Evaluation and Certification Scheme,
JISEC)'
-
CC(Common Criteria)
- , ,
CC
- 3
(IPA)
- 'ISO/IEC 15408' 'JISEC'
(JATE)
- JATE
3
- , ,
(Japan Industrial Standards, JIS)
- , JIS
JIS
- JIS
JIS
- JIS Z 9902(ISO 9002)
(S-Mark)
- ,
S-Mark
S-Mark
-
- 100 -
- S-Mark 3
S-Mark
-
,
- , CS(Cloud
Security)
-
- 101 -
.
ITU (Global Cybersecurity Index, GCI) ,
( , , )
2017 GCI
5
0.783 12
0.782 13
ICT ICT 5%
ITU ICT (IDI 2016) 8.57 5 8.84 1
(Access) 9.24 3 8.99 8
(Use) 8.09 9 8.57 3
(Skills) 8.18 29 9.08 3
ITU (GCI 2017) 0.783 12 0.782 13
UN (2016) 0.919 1 0.892 3
WEF (NRI 2016) 5.7 8 5.6 13
ICT (ITU, 2016 ) (ICT)
( ) (%) ( ) (%) 33,510 52.2 28,036 56.1
25,153 39.2 20,556 41.1
78,529 122.3 61,296 122.7
92.8% 92.7%
17 GDP() 2,496.76
'17 () 64,430
-
- 102 -
1)
)
(IRA)
- 3
EU
-
,
CCTV EU
,
- 2016 5
19 ( 23 )
-
,
-
- ,
- (IS)
,
-
- 103 -
)
m
(IDI ; ICT Development Index)
- 2018
ITU 2010
10 2016 5
-
(Access) (Use)
- (Skills) 2016 29
,
m
2010 1.6%
- ITU
2000 2010 53.8% 2016 52.2% 1.6%
(: , %)
: ITU Statistics DB(2017.6)
-
- 104 -
- British Telecom(BT), KCom, Cable & Wireless
- British Telecom(BT) 170
, , IT
2016 89%
- 2018
-
10Mit/s 2015 92% 2016 95%
- 2016 89% (30Mbit/s
) ,
(%) (Mbit/s)
2015 2016 2015 2016 83 89 29 37 84 90 30 38
77 83 28 34 73 83 27 35
79 85 23 29
: Ofcom, Connected Nations 2016(2016.12.16)
m
- ITU 2005 100% ,
2016 2015 0.9% 9,852 9,373
122.32%
- ,
(SIM)
-
- 105 -
(: , %)
: ITU Statistics DB(2017.6)
- `
, Orange T-Mobile Everything Everywhere(EE)
, BT 2016 1
- (SIM) 2014 140% 2017 150% ,
2
- Sky MVNO SkyMobile , MRT 2018 5
- 4G 2017 93%
- (MNO) 3G , 5G
, Vodafone 2020 3G
LTE 5G
- Ofcom MNO 2017 99%
,
1 5
- 2.6GHz 800MHz 4G 23 4 , Ofcom
2018 5G 5G 4
- 2015 , 2 EE(29%), O2(27%)
, Vodafone(19%) H3(11%) , MVNO
(Tesco Mobile, Virgin Mobile, Lycamobile, Lebara) 14%
-
- 106 -
(2015 )
EE* 29.0%
O2** 27.0%
Vodafone** 19.0%
H3 11.0%
14%
100%
* EE 2010 Orange T-Mobile BT 2016
** O2 Vodafone MVNO GiffGaff(O2 ),
Talkmobile(Vodafone )
: Buddecomm(2017.1)
-
- 107 -
2)
)
m
-
,
- 2007 CCTV CCTV
, 2013 (surveillance roadmap)
- Big Brother Watch 2012
CCTV , , 46.6% 5 1,500
2 7,700
-
, 2017
16)
,
- , ,
, (Gibralta)
- , ,
e-borders
- (Gatwick)
MF
16) Surveillance Camera Commissioner, A National Surveillance Camera Strategy for England and
Wales, 2017.3.
-
- 108 -
-
,
- 17)
- Netcraft ,
(malware)
- , Netcraft
- 2016 6 34,550
200
- (National Security Strategy) 1
- , ,
(UK Defense Cyber Operations Group)
ITU 12
- 2017 11 ITU 12
(13) , , ,
4
- 2015
-
,
17)https://www.ncsc.gov.uk/blog-post/active-cyber-defence-tackling-cyber-attacks-uk
https://news.netcraft.com/archives/2016/11/01/the-chancellor-of-the-exchequer-sets-out-plans-for-the-uk-government-to-work-with-netcraft.html
-
- 109 -
-
-
18)
-
, , ,
Silicon:Safe
-
ICT ,
- 2020
(IoT) 19)
- 2015 BMW
- , 2015
, , , 20)
- 2015
2
- 2013 Foscam
,
-
- , (IoT)
21)
18) How early-stage UK cybersecurity finally upped its game, Cybersecurity Ventures, 2017.3.9.
19) , , Kotra , 2016.8.23.
20) , , Kotra , 2015.12.17.
21) , Kotra , 2017.1.9.
-
- 110 -
- (RAND Europe) IoT
, IoT
55%
- (IoT)
,
m
22) 2016 49
9,400 , 2017 52 3,500
- ,
- 2016 5 5
29 ,
(National Cybersecurity Centre)
- 50 ,
- 2/3
- 2015
- EU (General Data Protection Regulations,
GDPR) ,
4% 2 5
22) United Kingdom Cyber-Security, U. S. International Trade Administration, 2016.7.21.
https://www.export.gov/article?id=United-Kingdom-Cyber-Security
-
- 111 -
(2017)
: U. S. International Trade Administration, United Kingdom Cyber-Security(2016.7)
- 2017 ID
36% , 32%, 30%
, ,
(2017)
: U. S. International Trade Administration, United Kingdom Cyber-Security(2016.7)
Homeland Security Research 2017 5 ,
2015-2020 11.3% 23)
23) UK Homeland Security & Public Safety Market 2017-2022, Homeland security research, May
2017.
-
- 112 -
- ,
(ISIS)
- 2015-2020 11.3%
2010-2015 2~3% 4
- ,
,
- , ,
,
- 2015 , 2016
HD CCTV
- IP CCTV, CCTV, , ,
, CCTV HD
2016 CCTV 550~600
- 2015 11 2016 3
,
CCTV
)
m
CCTV
- 2007 CCTV 1
400
- 2009 28.2% CCTV 2008
2010
-
- 113 -
- 2011 8
2012
2
(low-scale)
- (low-scale) ,
DVR, , , CCTV
m
4,800
26
-
- 5 15% 20
, 100 2%
- 100
1,000 , 500
1
- 20~49 , 500
1,000
-
-
- 114 -
- Barnes Reports , 70%
10% 492
m
-
- 2011-2015
BAE Systems 13
(NCSP : National Cyber Security Programme) ,
,
2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025
302 322 345 368 393 420 449 479 512 546 583
- 6.6 7.1 6.7 6.8 6.9 6.9 6.7 6.9 6.6 6.8
( : , %)
: SDI, The Cyber Security Market in the United Kingdom to 2025: Market Brief(2016.3)
- SDI 2015
3 200 ,
1 3,500 9,000
, 5,000 , 2,700
- , 6.5%
, 2025 2 5,300 ,
-
- 115 -
7% 2025 1 7,700
-
2025 9,400
5,800
2015 20252015-25
2015-25
(%) 135 253 2,100 6.50
90 177 1.400 7.00
50 94 774 6.50
27 58 449 8.00
302 583 4,700 6.79
( : )
: SDI, The Cyber Security Market in the United Kingdom to 2025: Market Brief(2016.3)
m
2015~25
- SDI 2015~25
44% 30%, 16%
10%
-
-
- 116 -
( :, %)
2016 2017 2018 2019 2020 2025
322 345 368 393 420 583 100.0 100.0 100.0 100.0 100.0 100.0 6.6 7.1 6.7 6.8 6.9 6.8
144 153 163 174 185 253 45 44 44 44 44 43 6.7 6.3 6.5 6.7 6.3 6.3
96 103 110 118 126 177 30 30 30 30 30 30 6.7 7.3 6.8 7.3 6.8 7.3
53 57 61 65 69 94 17 17 17 17 16 16 6.0 7.5 7.0 6.6 6.2 6.8
29 32 34 36 40 59 9 9 9 9 9 10 7.4 10.3 6.3 5.9 11.1 7.3
: SDI, The Cyber Security Market in the United Kingdom to 2025: Market Brief(2016.3)
)
m
q
-
-
SI
-
,
- , ,
-
- 117 -
- HD CCTV,
,
- ,
,
-
q
- ,
, 4
-
, ,
HW/SW
-
- (MoD), (M15),
(M16)
- 2015 3 7,600
SDI
2023 12%
-
- 118 -
2015 2016 2017 2018 2019 2020 2021 2022 2023
376 411 453 498 548 613 687 790 908 12%
( : )
: SDI, The Cyber Security Market in the United Kingdom to 2025: Market Brief(2016.3)
- 2013
9,300
32% 2023
2 9,400
2013 2023 13-23
93 294 1,900 12.3
80 240 1,600 11.6
70 214 1,400 11.8
50 160 1,000 12.4
293 908 5,900 12.0
( : , %)
: SDI, The Cyber Security Market in the United Kingdom to 2025: Market Brief(2016.3)
-
- : (Department for Work and Pensions), (Ministry
of Justice)
- :
,
IT
- , , :
-
- 119 -
-
, , ICT
, HW/SW, VAR
-
SW
- ,
- A/S
,
- HW/SW
-
, ICT , HW/SW , VAR
- ,
m
G4S plc
-
, , , , , , ,
-
- 120 -
- , , , ,
,
- , , ATM ,
- , , , , ,
- : Home Page - http://www.g4s.com/
Tel.- 44(0)208-770-7000
Exclusive Networks
- VAD(Value Added Distributor)
20 SW
- , , , , . , , ,
, , , ,
- 20 SW FireEye, Fortinet, SafeNet, Aerohive,
Arbor, Aruba, Bit9, Palo, Alto 13
- : e-Mail [email protected]
Home Page - www.exclusive-networks.co.uk
Tel. - 0845-521-7217, Fax - 01420-544799
Sophos
- 1985
- : (UTM : Unified Threat Management), , ,
, , SW/HW , 1985
- Sophos
- , , , , 12, 1700
- : Home Page - http://www.sophos.com
e-Mail : [email protected]
-
- 121 -
Nexor
- 1989 1992
- ,
ISODE(ISO Development Environment)
(MMHS : Military Message Handling System)
- : Home Page - http://www.nexor.com/nexor-ukti
Tel. -44(0)115-952-0500, e-Mail : [email protected]
Intercede
- 1992 ID MyID
24
- Lutterworth ,
- MyID GSA ID
- , , ,
ID
- BT, Gemalto, HP, Microsoft, Safenet, Symantec Thales
- : Home Page - http://www.intercede.com
Tel.- 44(0)1455-558-111, e-Mail [email protected]
ECSC
- 2000 200
(Managed Security Services, MSS)
2016 20%
- ECSC ,
(Penetration Testing), (Payment Card
Industry, PCI) ISO 27001
- ECSC , , , ,
e-commerce
, FTSE 10024)