POWERED BY
INTELLIGENT BRANDS // Enterprise Security
‘The time is now for
outsourced security services’
– ThreatQuotient expert
solicited to change jobs by recruiters at
least once a month. The result? Salaries,
attrition and competition for skilled
applicants are soaring.
Outsourcing to a managed security services
provider (MSSP) or a provider of managed
detection and response (MDR) services is
one of the strategies that organisations are
using to close the skills gap while mitigating
cybersecurity risk.
Matt McCormick, SVP Business and Corporate Development,
ThreatQuotient, tells us why organisations should now consider
managed security services to help address their security needs.
For years we’ve been talking about
the skills shortage that plagues the
cybersecurity industry and which
some reports now peg at three million
and growing. Organisations lack trained,
experienced resources in many areas
including expertise in management and
monitoring of the infrastructure protecting
an environment, incident responders, threat
intelligence analysts, security operations
engineers and even security leadership.
These gaps increase cybersecurity risk for
organisations and their key stakeholders,
including customers, employees, business
partners and shareholders.
No group feels the impact more every
single day than an organisation’s
cybersecurity team. Enterprise Strategy
Group (ESG) recently surveyed cybersecurity
professionals and Information Systems
Security Association members about their
experiences on the job.
The report, The Life and Times of
Cybersecurity Professionals 2018, concludes
Matt McCormick, SVP Business and
Corporate Development, ThreatQuotient
that the ramifications of the skills shortage
include an increased workload on existing
staff, an inability to fully learn or utilise some
security technologies to their full potential
and the need to spend significant time
training junior employees since it is difficult to
hire experienced cybersecurity professionals.
When organisations do manage to
hire top talent, they experience trouble
with retention. Three quarters of survey
respondents told ESG that they are
MSSPs offer 24 by 7 monitoring and
management of security devices and
systems and are in the position to hire,
train and leverage security experts across
many different customers. Providers of
MDR services focus on detecting threats
that have infiltrated an organisation’s
network, capabilities sometimes not
offered by MSSPs.
Both types of services help organisations
reduce costs building out their own security
operations centre and get the expertise
they need to adequately protect their
environment. These services are in such
demand that IDC predicts global security
spending will top US$103 billion in 2019,
with managed security services accounting
for the largest category of spending at more
than US$21 billion.
MSSPs and MDR services will remain an
important option for many companies for
the foreseeable future, particularly when
you consider other factors at play beyond
the skills shortage, specifically: a dynamic
threat landscape, an ever-expanding attack
surface and an increasingly complex security
technology environment.
The time is now for many organisations to
consider managed security services to help
address their security needs. •
www.intelligentcio.com INTELLIGENTCIO 67