A growing number of cyberattacks and the explosion of hybrid work have together pushed security resources to the brink, exposing the need for more managed services backed by machine learning.
Especially in the era of distributed, multi-cloud environments, information technology (IT) leaders require a more dynamic and holistic approach to avert bad actors, navigate a jagged threat landscape and avoid security stumbling blocks. Here’s what the journey looks like today:
- A security hot mess: Many organizations have backdoor connections into the corporate network, particularly with the addition of cloud services, IoT and personal devices. Nemertes studies show more than 56% of the average enterprise's workloads run outside enterprise data centers and are typically split across multiple cloud vendors. Gaining visibility into — much less control over — this tangled mess is just the first challenge.
- Breach costs are sky high: The cost of data breaches continues to rise, with the average being $4M and the price increasing by at least $1M more when remote work is a key factor.
- Few helping hands: A shortage of security professionals cut 53% of companies off at the knees even before the pandemic. Now, the issue is worse, with 67% of security teams not having the help they need.
- DevOps devolves security: While agile project management practices have benefitted from the pace of digital transformation, IT infrastructures have become more difficult to secure when developers are continuously reconfiguring them.
- Zero trust confusion: Zero trust has become a popular way to address today’s security problems, but no single solution implements a complete zero trust architecture. Thus, IT leaders are left to cobble together multiple security technologies from an alphabet soup of overlapping tools.
To meet the moment, companies must augment their cybersecurity teams with the expertise and operational support of security service providers.
Don’t go at it alone: 50% faster containment
All but the largest and best-resourced organizations struggle with effective cybersecurity via a fully insourced model. As digital transformation accelerates, driving growth through the cloud and data science, it is imperative to augment security tech stacks with 24/7 operations. Nemertes research findings show successful companies — those with a lower median time to contain (MTTC) threats — are 52% more likely to have a security operations center (SOC).
But the problem is most organizations can’t afford to staff or manage a SOC. For those companies, a managed threat detection and response (MDR) offering is the answer. Security providers are better suited to put in place programs that are both responsively reactive and thoughtfully proactive. Nemertes also found that companies with fewer than 2,500 employees see a 50% MTTC improvement when moving to an externally managed SOC.
When security isn't in order, digital transformation is a risky business. Any organization lacking an effective program should be pumping the brakes on innovation. For example, cloud migration shouldn’t be accelerated without proactively addressing cloud-related risks using technologies such as Cloud Access Security Broker (CASB). The right partner will understand your strategic plans and work to securely empower them.
Plus, forward-leaning providers should make machine learning, SASE solutions and zero trust frameworks all work together.
7 considerations for choosing the right partner
While there are many managed security service providers in the business, here are seven considerations for choosing the best fit. According to Nemertes, an ideal partner has:
- Solid relationship foundations: Brings with it all the virtues of any good MSP in terms of staffing and process maturity
- Industrial experience: Understands the cybersecurity implications of the customer’s industry, business practices and geographical footprint
- A complete toolbox: Wields a broad and robust cybersecurity toolset including AI-based analytics and machine learning, plus SOAR automation tools, CASB cloud security tools, and endpoint protection platforms
- Toolbox flexibility: Provides all necessary technologies, but also works with the client’s existing tools
- Owns and operates a 24/7 SOC: Provides a well-structured and responsive security operations team delivering MDR services
- A 3D, bird's eye view: Monitors and secures resources across all IT environments and services (cloud, endpoint, on-premises), but also monitors and secures access for all user populations in any geographic footprint
- Risk-centric best practices: Takes a risk-centered approach to planning, executing, responding to and reporting on cybersecurity posture and events, but also uses industry-leading frameworks, such as zero trust and the National Institute of Standards and Technology’s Cybersecurity Framework, to guide continuous improvement
Managed security services are more essential than ever — in addition to teams of certified security analysts, they bring the technological prowess in implementing work-from-anywhere models, zero trust architectures and secure access service edge (SASE) solutions. Moreover, they know how to build unified platforms capable of simplifying the often-overwhelming job of cybersecurity. IT and cybersecurity professionals evaluating services should seek all these things, identifying multiple possible partners.
This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security magazine.