Press Release:

OPAQ Raises $22.5M to Finance Go-To-Market and Accelerate Growth

Funding Follows Pivot to 100 Percent Channel Sales Model, Strategic Product Integrations and New Partnerships to Make Security-as-a-Service Accessible to Midsize Enterprises


OPAQ, the network security cloud company, today announced it has closed a $22.5 million Series B round of financing led by new investor Greenspring Associates, with continuing participation from Columbia Capital and Harmony Partners. The funds will be used to accelerate growth and support the Company’s go-to-market initiatives for delivering security-as-a-service to midsize enterprises via its strategic security channel partners.


OPAQ also announced that Hunter Somerville, Partner at Greenspring Associates, will join the OPAQ’ Board of Directors.


According to a recent report by market intelligence company TMR, increased uptake from small and medium-sized enterprises will help the global cyber security-as-a-service market thrive. TMR estimates the market will reach US$87.59 billion in revenue by 2025, rising from US$30.91 billion in 2016, with a 12.5% increase in CAGR from 2017 to 2025.


“OPAQ has redefined the security-as-a-service market. Its demonstrated progress to date and strategic acquisitions place the Company in a position of real market leadership,” said Hunter Somerville, Partner at Greenspring Associates. “OPAQ joins an existing and prior portfolio of cyber security company investments like Proofpoint and Cloudflare. I look forward to working with the veteran security management team at OPAQ to continue to capitalize on this large and rapidly growing market opportunity.”


In the past three months, OPAQ has announced a strategic partnership with Palo Alto Networks, introduced the first-of-its-kind microsegmentation technology for endpoints and acquired business intelligence/reporting automation specialists FourV Systems. The OPAQ cloud security platform has also been named Best Network Security Solution in the GSN Homeland Security Awards, and shortlisted as a finalist for both Best Emerging Technology in the 2018 SC Excellence Awards and Best Security-as-a-Service Solution in the Cyber Defense Magazine InfoSec Awards.


“OPAQ has built and delivered the most advanced high-performance platform for providing Fortune 100-grade network security to midsize enterprises, a capability that has been missing in this segment of the market due to deployment complexity, lack of resources and affordability,” said Glenn C. Hazard, Chairman and CEO of OPAQ. “This latest round of financing provides the necessary resources to accelerate our go-to-market plan, continue to expand our focus on channel partners and overall market adoption.”


OPAQ empowers service providers with a single integrated/automated portal to deliver and manage best-of-breed network security for midsize enterprises. The OPAQ Cloud platform combines a fully encrypted private network backbone with continuous monitoring, compliance analytics/reporting, next-generation firewall, web application firewall, DDoS mitigation, microsegmentation and automated security management capabilities that are all powered by industry-leading technologies and OPAQ intellectual property.


About Greenspring Associates

Established in 2000, Greenspring Associates provides venture capital solutions to a diverse group of institutions and individuals worldwide. Through a synergistic platform, the firm backs companies throughout their lifecycle, invests in established and emerging fund managers and serves as a liquidity provider through fund and direct secondary investments. An experienced investor in the cyber security, cloud and virtual networking verticals, Greenspring Associates has historically backed companies like Proofpoint (NYSE: PFPT) Cloudflare, Docker, Nutanix and Cologix. The firm currently manages over $6.3 billion in assets across multiple strategies. For more information on Greenspring Associates and its full investment portfolio, please visit


Press Release:

OPAQ Acquires FourV Systems to Enhance Security Operations Management Automation

Acquisition Augments OPAQ Security-as-a-Service Platform with
Performance and Regulatory Compliance Measurement, Monitoring and Reporting


OPAQ, the network security cloud company, today announced it has acquired FourV Systems, maker of GreySpark, which provides actionable business intelligence for managing security operations. The patented GreySpark technology will be integrated into the OPAQ Cloud platform and enable managed service providers (MSPs) and managed security services providers (MSSPs) to automate the assessment of midsize customers’ security architecture and regulatory compliance maturity.


Effectively communicating the need for and value of security investments to business decision makers is often a challenge for MSPs and MSSPs. The integration of FourV’s risk and executive reporting platform now enables OPAQ channel partners to provide automated security metrics and key performance indicators to non-technical management in terms that are easy to understand.


“The OPAQ Cloud platform already makes it simpler for service providers to deliver and manage Fortune 100-grade security for their midsize enterprise customers,” said Ken Ammon, Chief Strategy Officer of OPAQ. “The integration of FourV Systems’ GreySpark further enables our partners to demonstrate to customers the value of the security services they are providing.”


“OPAQ shared our vision for automating security operations management, and we felt their focus on providing a turnkey, enterprise-grade solution for MSPs and MSSPs will revolutionize offerings in that market,” said Derek Gabbard, President of FourV Systems. “From a technical standpoint, GreySpark was a natural fit for the OPAQ Cloud platform. It provides a transparent overlay that gathers the intelligence and metrics service providers need to manage and report on the security and compliance posture of their customers to both IT and business leaders.”


The Power to Capture and Communicate Security Value to Customers

Manual security data collection, analysis and reporting is a high cost component for MSPs/MSSPs, and is difficult to scale across large customer bases. The acquisition of FourV Systems extends the OPAQ Cloud platform with automation and machine learning in a way that dramatically reduces the time and expense associated with manual reporting. OPAQ now arms service providers with metrics that transparently demonstrate the efficacy of security programs in the context of business and control frameworks including the NIST CSF, CIS, PCI, GDPR, the new Handbook for Election Infrastructure Security, and more.


FourV’s technology also automates many security management operations, enhances managed detection and response (MDR) activities, and provides the following benefits for OPAQ channel partners:


  • Enables MSPs/MSSPs to perform cost-effective performance assessments at scale
  • Frees expensive security analyst resources from tedious report writing so they can focus on hunt and response activities
  • Automates the gathering and analysis of distributed data sets necessary to produce continuous risk management and compliance reporting
  • Streamlines compliance assessments and audits by mapping and visualizing controls to the corresponding NIST CSF operational security functions


About the OPAQ Security-as-a-Service Cloud Platform

The OPAQ Cloud platform enables service providers to make best-of-breed network security capabilities accessible to midsize enterprises. It combines a private network backbone with next-generation firewall, web application firewall, DDoS mitigation, and software-defined segmentation capabilities that are powered by industry-leading security technologies and OPAQ intellectual property. OPAQ is the only company that offers this depth and breadth of security-as-a-service.



The OPAQ Cloud platform with FourV Systems’ GreySpark will be available in Spring 2018.


Press Release:

OPAQ Integrates Network Microsegmentation into Security-as-a-Service Cloud

Software-Defined Network Segmentation Provides Comprehensive Visibility and Control to Prevent Lateral Attacks, Contain Breaches and Quarantine Hosts


OPAQ, the network security cloud company, today announced the addition of microsegmentation for workstations and other endpoints to its OPAQ Cloud platform to prevent lateral attacks, contain breaches and quarantine infected hosts. The patent pending OPAQ PathProtect™ technology provides unprecedented visibility and control over network activity and the ability to locally enforce security policies on devices from the cloud.


Centralized Network Control, Local Security Enforcement From the Cloud

Perimeter security is designed to protect against external North-South threats, not internal East-West attacks that move laterally between workstations, servers, and other endpoints. Once an attack successfully bypasses the security perimeter and compromises a host, malicious traffic can spread undetected throughout the internal network. According to Gartner, “In security, network segmentation is concerned with dividing up the network into zones to aid in compliance, security, risk and maintaining control.”*


OPAQ PathProtect™ enables organizations to easily and flexibly implement  network segmentation from the OPAQ Cloud without using VLANs or firewalls. It provides device-based visibility and control from the cloud to protect against insider and external attacks. OPAQ PathProtect™ is fully integrated with other enterprise-grade security capabilities, including next-generation firewall, web application firewall and DDoS mitigation, accessible as-a-service from the OPAQ Cloud.


OPAQ PathProtect™ monitors hosts and learns traffic patterns, classifies them, and allows for the creation of security policies that can be applied based on IP address, Host ID, or user identity.


Microsegmentation for Endpoints, Not Just Data Centers

Since OPAQ PathProtect™ is enforced on the endpoint, not the network, it supports the following capabilities and use cases:


  • Network Access Control (NAC) to assign what resources hosts and users can access on the network. For example, unmanaged hosts can be prevented from accessing sensitive servers, and are identified and cataloged when they send traffic.
  • Multi -Factor Authentication (MFA) integration enables step-up authentication to tighten security for VPN access and within the internal network.
  • Granular Segmentation which is completely separate from the physical network architecture or network addressing, can be used to segment specific devices, applications, and data.
  • Quarantine allows organizations to quickly isolate infected hosts from sensitive resources at the touch of a button.


“Companies are struggling to implement and manage a microsegmentation strategy that adheres to Zero Trust security principles,” said Tom Cross, Chief Technology Officer for OPAQ. “This is particularly true for midsize enterprises that lack the expertise and resources to defend against lateralization attacks. OPAQ PathProtect™ provides a powerful, simple, and flexible tool that enables our channel partners to implement software-defined network segmentation-as-a-service from the cloud. This is a first for the industry.”



OPAQ PathProtect™ will be available spring 2018 as part of the OPAQ Cloud from authorized OPAQ channel partners. It supports Windows desktops and servers, MacOS and Linux.


*Gartner “Best Practices for Network Segmentation for Security” Greg Young, Refreshed: January 4, 2018, Published: July 28, 2016.

Press Release:

OPAQ Joins Palo Alto Networks NextWave Partner Ecosystem

Adds Next-Generation Firewalls to its Security-as-a-Service, Simplifies Access to Enterprise-Grade Security for Midsize Companies


OPAQ, the network security cloud company, today announced it has joined the Palo Alto Networks® NextWave Partner Ecosystem, a community of world-class security experts and leaders committed to preventing and making breaches a thing of the past. As a NextWave Partner, OPAQ enables managed services providers (MSPs), managed security services providers (MSSPs), and value-added resellers (VARs) to deliver Palo Alto Networks enterprise-grade security as a cloud service to midsize companies.


According to research firm Gartner, Inc., “Midsize enterprises lack the staffing and budgets to invest in the latest technologies and defensive techniques, making it difficult to keep up with the number and variety of data security threats[1].” By making Palo Alto Networks Next-Generation Firewall capabilities available as a cloud service, OPAQ enables channel partners to eliminate barriers for their midsize customers.


“We chose Palo Alto Networks to be an integrated component of our network security-as-a-service because they are a proven technology leader,” said Ken Ammon, Chief Strategy Officer for OPAQ. “The addition of Palo Alto to the networking and security stack of the OPAQ Cloud enables our channel partners to deliver advanced security protection to midsize enterprises in a simple, fast and flexible way.”


The OPAQ Cloud is a private network backbone that enables service providers to deliver tightly integrated enterprise-grade security capabilities and centrally manage and enforce policies through a single, web-based portal. It enables OPAQ channel partners to profitably scale their business by eliminating hardware/software investments and onsite service calls. In addition to the Palo Alto Networks Next-Generation Firewall capability, the OPAQ Cloud delivers web application firewall, DDoS mitigation, software-defined segmentation, and other security capabilities that are powered by leading enterprise-grade security technologies and OPAQ intellectual property.


“OPAQ has created an exciting new market opportunity for our business,” said Tom Turkot, Vice President, Client Solutions for Arlington Computer Products. “Our midsize customers need the same security as large enterprises, but many of them feel hamstrung because of the resources and expertise required to implement advanced protection technologies. OPAQ’s as-a-service model and intuitive portal make it easy for us to deliver enterprise-grade protection to them.”


OPAQ recently announced its Channel Partner Program and the company’s transition to a 100 percent indirect sales model.

[1] Gartner, Inc., Midsize Enterprises Need to Prioritize Their Data Security Defenses, Brian Reed and Neil Wynne, 17, October 2017.

Press Release:

OPAQ Named Finalist for Best Emerging Technology in 2018 SC Excellence Awards

OPAQ’s Security-as-a-Service Enables Midsize Companies to Access Enterprise-Grade Security Without the High Cost and Complexity


OPAQ, the network security cloud company, today announced its OPAQ Cloud is a finalist in the coveted Best Emerging Technology category of the SC Media 2018 Excellence Awards. This annual competition recognizes the most innovative solutions for protecting the corporate world from cyber threats.


Now in its 21st year, the SC Awards are widely regarded as the gold standard of accomplishment for cybersecurity professionals, products and services. OPAQ and other finalists are listed at Winners will be announced at the SC Awards ceremony on April 17, 2018 in San Francisco during the RSA Conference.


“OPAQ has demonstrated unique innovation in its approach to protecting companies from the onslaught of malicious attacks and other threats,” said Illena Armstrong, VP, Editorial for SC Media. “Their solution represents some of the most effective security technology on the market today.”


“Being a finalist for Best Emerging Technology in the SC Awards is powerful validation for how the OPAQ Cloud is enabling organizations to more easily and cost-effectively protect their networks,” said Stephen McCarney, vice president of marketing for OPAQ. “Today’s threat environment is increasingly sophisticated and rapidly evolving. OPAQ combines security automation and orchestration as a service which allows organizations to dramatically improve their security posture, and instantly adapt and respond to new threats, in ways they otherwise could not.”


Enterprises are struggling to defend extended IT footprints that span networks, cloud applications, mobile users, IoT and more. The OPAQ Cloud enables service providers to make best-of-breed network security capabilities accessible to midsize enterprises. It combines a private network backbone with next-generation firewall, web application firewall, DDoS mitigation, and software-defined segmentation capabilities that are powered by industry-leading security vendors and OPAQ intellectual property. OPAQ is the only company that offers this depth and breadth of security-as-a-service.


About SC Media

SC Media is cybersecurity. For over 25 years, they have armed information security professionals with in-depth and unbiased information through timely news, comprehensive analysis, cutting-edge features, contributions from thought leaders, and independent product reviews in partnership with and for top-level information security executives and their technical teams. In addition to their comprehensive website, SC Media offers magazines, eBooks, and newsletters. They also host digital and live events such as SC Awards and RiskSec NY to provide cybersecurity professionals all the information needed to safeguard their organizations and contribute to their longevity and success. Follow on Facebook and Twitter. For more information or to register for the 2018 SC Awards gala, visit

Press Release:

OPAQ Named Best Network Security Solution in 2017 GSN Homeland Security Awards

OPAQ Cloud Receives Platinum Award for Delivering Enterprise Security-as-a-Service


OPAQ, the network security cloud company, today announced its OPAQ Cloud platform was selected best Network Security/ Enterprise Firewall solution in the 2017 GSN Homeland Security Awards.


Now in its 9th year, the GSN Homeland Security Awards program hosted by Government Security News (GSN) recognizes excellence and leadership in the Cyber Security and Homeland Security sectors. Winners were selected based on a combination of technological innovation, ability to address a recognized government IT security need, and flexibility to meet both current and future needs. Category winners were ranked with Platinum, Gold and Silver designations. A complete list of winners is posted at:


“It’s an honor for OPAQ to be recognized by GSN for the value the OPAQ Cloud is delivering to government,” said Glenn C. Hazard, Chairman & CEO of OPAQ. “Our service is enabling our partners to provide robust enterprise-grade network security to state and local governments in the most cost-effective, scalable way.”


The OPAQ Cloud is a private network backbone that enables service providers to deliver tightly integrated enterprise-grade security capabilities and centrally manage and enforce policies through a single, web-based portal. It allows OPAQ channel partners to profitably scale their business by eliminating hardware/software investments and onsite service calls. It combines next-generation firewall, web application firewall, DDoS mitigation, software-defined segmentation, and other security capabilities that are powered by leading security technologies and OPAQ intellectual property.

Press Release:

OPAQ Pivots to 100 Percent Channel Sales Model With New Partner Program

Network Security Cloud Platform Enables Partners to Provide Security-as-a-Service to Midsize Enterprises


OPAQ, the network security cloud company, today announced a 100 percent channel sales model and launched its Channel Partner Program, which enables service providers to deliver best-of-breed network security previously out-of- reach to midsize enterprises. All without any capital investments in hardware or software.


Managed services providers (MSP) and managed security services providers (MSSP) are supporting midsize enterprise customers in their efforts to cost-effectively combat increasingly sophisticated cyber-attacks with limited technical resources. According to research firm MarketsandMarkets, the Security-as-a-Service market size is estimated to grow from USD 3.12 Billion in 2015 to USD 8.52 Billion by 2020, at a Compound Annual Growth Rate (CAGR) of 22.2%.


“Security is a top priority for our midsize customers, but the enterprise-grade protection they really need has been out of their reach because of its cost and complexity,” said Tom Turkot, Vice President, Client Solutions for Arlington Computer Products. “The OPAQ Cloud is a game changer. It allows us to make robust network security accessible to our midsize customers in a very simple and flexible way.”


The OPAQ Cloud combines next generation network security, application and SaaS firewall, web application firewall, DDoS mitigation and software-defined segmentation capabilities. It enables partners to deliver end-to-end network security across distributed infrastructures — including data centers, branch offices, mobile and remote workers, and IoT devices. OPAQ allows value added resellers (VAR) and service providers to profitably scale their business by eliminating hardware/software investments and onsite service calls through centralized provisioning, configuration and management of security services from a web-based portal.


“Security is the next hyper growth market opportunity for the channel, but traditional hardware and software models are both capital intensive and complex to deploy and manage,” said Ken Ammon, Chief Strategy Officer for OPAQ. “Our cloud-based platform eliminates these roadblocks for partners, and makes becoming a security services provider a simple online provisioning, configuration and management exercise.”


Program Highlights

The OPAQ Channel Partner Program includes a comprehensive set of go-to-market support, financial incentive and training resources. It is designed to empower partners to profitably deliver the industry’s leading network security-as-a-service solution to midsize enterprise customers. The program is backed by dedicated sales and support teams, and includes:

  • Rapid on-boarding
  • Deal registration
  • Superior margins
  • Market development funding (MDF)


For more information and to apply for the OPAQ Channel Partner Program visit:

Press Release:

OPAQ and Silver Peak Bring Secure SD-WAN to Miles & Stockbridge

New alliance empowers leading law firm with the most comprehensive security-as-a-service protection available, integrated with a flexible, high-performance SD-WAN solution


OPAQ has entered into a strategic alliance with broadband and hybrid WAN leader Silver Peak to deliver an integrated security and software-defined wide-area network (SD-WAN) solution to Miles & Stockbridge P.C., a leading law firm with multiple distributed offices across the mid-Atlantic region. The new OPAQ and Silver Peak alliance provides Miles & Stockbridge with the ability to deploy its network with performance, flexibility and cost advantages, along with comprehensive security protection.


Miles & Stockbridge is progressive in its use of advanced technology, yet was challenged with securing its complex network with limited networking and security staff. OPAQ’s security-as-a-service platform empowers Miles & Stockbridge with a simpler, centralized and more cost-effective way to manage fully integrated security services for their network. The Silver Peak Unity EdgeConnect SD-WAN solution proved compelling given its ability to connect Miles & Stockbridge attorneys and employees to applications with the flexibility to use any combination of underlying transport technologies, including consumer broadband, without compromising network or application performance. The combination of the OPAQ Cloud and the EdgeConnect SD-WAN solution lowers costs and enhances the firm’s productivity and client service agility.


The integrated OPAQ and Silver Peak solution provides Miles & Stockbridge with the following advanced network and security capabilities:


  • Sub-second ISP failover
  • Dynamic path conditioning
  • Broadband high availability
  • Network quality of service
  • Network security policy enforcement
  • Comprehensive threat inspection
  • Full network and security reporting
  • Centralized security management, logging, and visibility


The firm is also leveraging Silver Peak First-packet iQ to identify and classify applications on the first packet and automatically steer traffic, in compliance with security policies, directly to the Internet from each branch location to the OPAQ Pods. By enabling granular Internet breakout, Miles & Stockbridge eliminates the increased latency and bandwidth costs associated with backhauling applications traffic through the data center.


“In a busy law firm like ours, it is challenging to consistently manage the appropriate risk/security posture while delivering the network and application performance which our employees need to service clients,” says Tim Rodgers, IT Operations Manager at Miles & Stockbridge. “Now, by working with OPAQ and Silver Peak, we have lowered our risk and have a faster, more reliable network that operates securely and at the speed of business.”


“Many mid-market organizations face the same need for faster, more reliable networking and simplified, centralized security,” says Kenneth Ammon, Chief Strategy Officer of OPAQ. “Traditionally, organizations would expect to sacrifice speed and performance for security. This strategic alliance really represents that this former reality is merely a myth – and that myth is now debunked.”


“For geographically distributed firms like Miles & Stockbridge, the cloud and WAN are critical to connecting users to applications and ultimately the firm’s success,” said Pat Gilbreath, vice president of North America sales at Silver Peak. “The combination of the OPAQ security as-a-service platform and EdgeConnect provides Miles & Stockbridge with the ability to establish and enforce robust network-wide security policies, while taking advantage of broadband connectivity, to confidently maintain the application service levels required to go the extra mile in servicing its clients.”


About Silver Peak

Silver Peak is the global leader in broadband and hybrid WAN solutions. Silver Peak offers a high-performance SD-WAN solution that provides secure and reliable virtual overlays to connect users to applications with the flexibility to use any combination of underlying transport without compromising application performance. This results in greater business agility and lower costs. More than 2,000 globally distributed enterprises have deployed Silver Peak broadband and hybrid WAN solutions across 80 countries. Learn more at

Press Release:

OPAQ Strengthens Security Service with Drawbridge Acquisition

The company’s second acquisition this year adds powerful monitoring and micro-segmentation technology to its security-as-a-service platform, helping customers identify and isolate attacks before they spread throughout their network


OPAQ has acquired Drawbridge Networks, a provider of micro-segmentation solutions, boosting the company’s intellectual property, expanding its customer footprint, and enhancing its customers’ ability to identify, monitor, and defend against cyberattacks. This was OPAQ’s second acquisition of 2017, and builds on the previous acquisition of Bat Blue Networks; terms of the Drawbridge deal were not disclosed.


Perimeter security is a must-have for all organizations, serving as the front-line of defense against intruders targeting sensitive data and systems. In recent years, attackers have become increasingly sophisticated, employing techniques that bypass traditional defenses. As a result, organizations have had to enhance the defense of their internal networks by protecting their east-west traffic. This is where micro-segmentation can help. Micro-segmentation allows fine-grained security policies to be assigned to specific users and workloads. Using micro-segmentation, a company can automatically quarantine malicious activity before it advances laterally within a network.


OPAQ is integrating Drawbridge’s micro-segmentation technology into its security-as-a-service platform, which delivers robust security capabilities in a single cloud-based service, one that organizations can turn on and scale instantly. Drawbridge’s technology augments OPAQ’s existing service offering by deploying software agents on network endpoints, such as laptops and servers. These agents communicate with a central controller, which can be accessed and managed through OPAQ’s customer portal, providing users with greater visibility and control over who accesses assets on their network, how they do it, and for what purpose.


“We’ve been working with several organizations that had real concerns around insider threats and supply chain risks,” says John Terrill, CEO of Drawbridge Networks. “Most organizations’ internal networks are fairly flat. Using our approach to micro-segmentation significantly reduced their attack surface and let them see and shut down attacks.”


“Combining automation capabilities with software defined network security technologies such as micro-segmentation can help mid-tier organizations realize the true business benefits of network security as a service,” says Dan Cummins, Senior Security Analyst at 451 Research. “Network security policy provisioning is traditionally among the most technical and time-consuming challenges for companies of all sizes. Software defined segmentation, however, can enable easier provisioning and enforcement of security policies. Quality software defined network segmentation is oriented around organization, data and application classification, privacy, user functions and compliance — business constructs rather than the hardwired constraints of underlying infrastructure.”


“This acquisition not only sets OPAQ further apart from other security-as-a-service providers,” says OPAQ CEO Glenn Hazard, “it also perpetuates our vision of transforming how security is delivered – from the cloud, in a way that empowers customers to reduce risk, cost and product fatigue.”


Drawbridge Networks was founded in 2014 by cybersecurity veterans John Terrill and Tom Cross, who set out to deliver a unique approach to network micro-segmentation that would allow organizations to learn, detect and automatically respond to internal attacks. The company has employees in Atlanta and New York. Along with their Drawbridge colleagues, Terrill and Cross have joined the OPAQ organization. Terrill has taken the role of Chief Information Security Officer and Cross becomes OPAQ’s Chief Technology Officer.

Press Release:

Study Reveals Major Shift In How Mid-Market Companies Achieve Network Security

451 Research study commissioned by OPAQ reveals 72% prefer security-as-a-service over Managed Security Provider, on-premise solutions


OPAQ, a Security-as-a-Service provider, today announced the results of its Network Security Study conducted by industry analyst firm 451 Research. The study examines the security needs, challenges, and spending priorities of mid-tier businesses.


The study revealed that mid-tier companies are battling a black hole of time, security expertise, and budget to procure, implement, and manage a variety of security products. 82 percent of respondents indicated they spend 20 to 60 hours of in-house staff resources a week to do that. Despite the well- documented challenges associated with finding and retaining security professionals, the study revealed that nearly three-quarters of the respondents dedicate between 3-5 full-time employees to manage their security. The financial hit to mid-tier businesses is an average of $178,000 annually just for network security, which represents 39 percent of an organization’s total IT security budget.


According to the study, the financial burden will continue to increase, and signs point to network security as a significant business priority. Network security spending will grow nearly twice as fast as overall IT security spending over the next five years, projecting a compound annual growth rate (CAGR) of 8.9 percent, from $2.4 billion in 2016 to $3.5 billion in 2021. Forty percent of respondents project their spending on network security will increase between 10 to 20 percent in the next 12 months.


“The security challenge for mid-tier businesses is multi-dimensional. For these businesses, everything seems to be increasing—attack frequency, compliance requirements, complexity, costs, and the number of security products that need to be managed,” said Daniel Cummins, analyst at 451 Research. “Cloud-based security-as-a-service offers potentially significant advantages in terms of simplicity and access to security that may prove to be less complex and expensive than traditional approaches.”


Security-as-a-Service Model Winning Over Mid-Market Companies

The study heralded a potentially seismic shift in the channel ecosystem and how security is delivered to mid-tier businesses.


Nearly 40 percent of respondents indicated part-time employees, contractors, and Managed Security Service Providers (MSSPs) manage their security workload. However, 72 percent of respondents indicated a preference for security-as-a-service compared to MSSP (9 percent) or on-premise (19 percent) solutions for managing security.


“We thought there would be a preference for the ease and simplicity of security-as-a-service solutions, but we were genuinely surprised by both the degree and urgency of the market demand. 87 percent of respondents said their timing for migrating to this type of network security delivery model was within a 12 month time frame,” said Ken Ammon, Chief Strategy and Technology Officer, OPAQ. “MSSPs are and will continue to play an important role in advising and supporting incident response, but this study reveals that MSSPs should look to leverage cloud-based solutions in order to deliver what the market is demanding.”


Other significant findings from 451 Research’s Network Security Market Study include:


  • The most desired cloud-based security capabilities were data loss prevention, network access control, and encryption, followed by threat management, application control, SSL decryption, and URL filtering.
  • The top cloud-based security use cases cited were threat management and branch office enablement and optimization, followed by multiprotocol label switching (MPLS) displacement, MSSP displacement, on-demand security, and securing SaaS applications.
  • More than 60 percent cited legacy IT as the greatest barrier to improving visibility and control within their networks, followed by lack of budget at 27 percent.


The 451 Research study, which was fielded during the first quarter of 2017, surveyed 301 IT security professionals at US-based businesses with 500 to 2,500 employees.


To download the 451 Research report and to access report infographics, visit