Post on 07-May-2015
FIXNIX GRC (GOVERNANCE, RISK & COMPLIANCE) PITCHBOOK
Chief Nixer
GRC
ENERGY SOURCE
FixNix: Salesforce for GRC…
Our firm is heavily inspired by, and shamelessly copying, the strategic thought processes of successful startup firms like Asana, Zoho, Salesforce & Amazon making an entry into untapped problem areas. All of them have made a mark and created a niche in their respective verticals. We’ll tell where we get our source of energy…
• The inspiration for the flat organization and same designation comes from Asana
• Marrying SMB & Information Security came from Zoho
• Making use of cloud in a big way came from Salesforce
• Democratizing a closed circuit vertical came from AWS, Linux and many
We’re looking at creating one in the coming days ahead in the information security field, helping Small, Medium Business.
ABOUT US…
The Nixer team
IT GRC
Annie Harsha
Enterprise GRC
Ghayathri Ramya Padma
Cloud
Saravana Shyam
InfoSec Services
ISO 27001 - Audit & Implementation
Ashok Sandeep Raj
Staff Augmentation
Kayal
Shanmugavel Sankaran, Chief Nixer
• Certified Chief Information Security Officer (C-CISO)
• Alma mater of IIIT Masters in technology (Computer Science).
• Worked in Microsoft & IBM
• 10 years of experience in various Information Security domains.
Want to onboard advisors formally into board, CxO team post funding.
Advisors
• Mr. Sundar, Integra Sodlabs
• Mr. Venky Sivaraman, Head Strategy - Ivymobility
• Mr. Edward, Director - PwC US
• Mr. Balasubramanian, Compliance Leader – IBM
• Mr. Abhay Deshpande, CEO - Reasoning
• Mr. Tharmarajan – ixCFO
• Mr. Sridhar, Super Creations
• Mr. Ravi – Adirosys
• Mr. Maharajan – Testnex
• Mr. Ananda Deekaram – Palmefo consulting
SMB INFOSEC
Business Overview
Fix Nix is an Information security company born on a vision to redefine ‘Security’ at all Small & Medium Enterprises (SME) and to provide affordable, feasible, agile, lean Information Security Management System (ISMS) through Cloud in SaaS (Security as a Service) model at low operation maintenance with same resource & minimal budgetary allocation. The main objective of our concept is to pass back the saving to customers through inexpensive infrastructural architecture and investments for the solution.
Product
A fully Integrated FixNix GRC uses a single core set of control material, mapped to all of the primary governance factors being monitored. The use of a single framework also has the benefit of reducing the possibility of duplicated remedial actions.
IT GRC systems that can take information feeds from one or more sources that detect or sense deviations, defects or other patterns from security or business applications. This can include active sensor technologies such as those to protect, monitor and manage information networks and systems.
eGRC (Enterprise GRC) that allows the impact of multiple primary regulations to be tracked and correlated in one system.
Service
- Virtual CISO
- Managed Security Services
- Audit Services
- ISO 27001 Implementation
- Information Security Training and Awareness
- Web Application Security and Penetration Testing.
GRC MARKET
Target Address Market (TAM)
All Small & Medium Enterprises (SME)
Need of affordable, feasible, agile, lean Information Security Management System (ISMS)
Affordable to pay $10000
Want to make the security books 'anytime' ready for regulatory, legal compliance.
Need of a system to nix the security issues in the grass roots itself.
Who need Governance, Risk Management and Compliance
Who need data protection
Who need an ISMS, GRC framework
Who are keen to comply with ISO 27001/ PCI DSS/ HIPAA, many other regulations, standards
GEOGRAPHY
ISO reports “India tops second in the list of top 10 countries for ISO/IEC 27001 Certificates”
Countries like Japan always stay in topline growth. New players like Romania, China are coming close…
Size of the market in 2012 is 1200 crores
Expected to grow at 18 % to 1400 crores in 2013
Security incidents have increased three-fold in India
INFO SECURITY IN INDIA..
Business organization | Revenue | Spending increase for Information security
Large business | > 5000 crores | 11 %
Medium businesses | 500 - 5,000 crore | 17 %
Small businesses | < 500 crores | 14 %
Government organisations | | 8 %
SECTOR
ISO reports around 12% year to year increase in number of certificates from 2010 to 2011.
ISO/IEC 27001 Information Security Research report says about 87% of respondents stated that implementing ISO/IEC 27001 had a positive or very positive outcome.
List of industrial sectors and number of ISO/IEC 27001 certifications obtained in each sector. Highest marketing opportunities are seen in the field of Information Technology.
CUSTOMER ACQUISITION STRATEGY
Business Model
Organic growth - Internet Marketing
Reaching targeted segments through active presence in social Media
Direct Marketing
Alliance with service providers like datacenter
Cost effective and robust online campaigns and engagement via social network, blogs.
Articles in Print Media
BUSINESS MODEL
CLOUD ARCHITECTURE
CEO
CISO
Risk Manager
Auditor VRT
HR Security Admin
IT Admin
Integrated FixNix GRC
Collecting and Sending Logs from various devices – Proxy Servers, Databases, Firewalls, IDS, Event Logs, Anti Virus, Linux SU Log, AIX Logs, CISCO Devices etc.
FixNix GRC Azure
ARCHITECTURE
FINANCIAL PROJECTIONS
Profitability Statement Balance Sheet
Services Subscription (#s)
eGRC Revenue (Lakhs) Chart
IT-‐GRC Revenue (Lakhs) Chart
CUSTOMER, PARTNER
Strategic relationships
PIPELINE
COMPETITION
FixNix GRC
Cost effective
Agile
Easy deployable
Affordable
Pay as per use
User friendly
WHAT EDGE
COMPETITIVE POSITIONING
Strategic relationships
Barriers to Entry
COST: Big players are glad with their Fortune clients and are not able to reduce price and play for Small, Medium Business
MODULIZATION: Either IT or Enterprise GRC is separately provided to SMBs; nobody is providing both of them together
OPEN SOURCE: We’re a heavy open source company, building a community of contributors across the globe
FIXNIX IT GRC DEMO
FIXNIX ENTERPRISE GRC DEMO
Q&A
http://www.fixRnix.in
http://www.linkedin.com/in/fixnix
http://www.facebook.com/fixRnix
http://twitter.com/fixRnix
http://pinterest.com/fixnix/
http://fixrnix.tumblr.com/
www.linkedin.com/in/shanmugavels
www.facebook.com/shanmugavel