Four reasons organizations are making the move to Managed Security

As security threats increase in prominence and news of breaches proliferates in mainstream media, the response to mitigating these threats, and the allocation of security spend within IT and enterprise budgets, is no longer a trivial task.

Recently, our consultants spoke to a number of individuals working in IT to get their views on the current state of the security marketplace. We frequently hear statements indicating the increasing pain and complexity of security management within in-house IT teams.


Rising threats and costs

“There are too many security risks and threats for our small team to look out for….it’s like trying to find a needle in a haystack”

A range of national and international sources (e.g. Ponemon, IBM, Symantec) have provided data indicating a rising global security problem. The number of reported breaches and incidents is increasing, as is the number of records being leaked – recent Goldman Sachs studies estimate that 1.1 billion records were exposed in data breaches in 2015.

While technologies are better at dealing with previously seen or “known” threats, dealing with unforeseen and unknown threats is a growing problem for most organizations.

While successes against traditional attack types such as email spam are evident and reported, those attacks are quickly being replaced by other categories, with spear phishing, ransomware and mobile malware all rising in incidence at present.

Threat actors are also more varied than ever before, ranging from small-time hackers up to highly organized cyberattack groups, increasingly funded at nation state level.

Technology complexity

“The first wave of security technologies we purchased were within our budget…. however some of the newer ones have much higher price points… we’d love to deploy them, but it can be very hard for us to justify upfront purchase if we can’t easily demonstrate the ROI to business people”

The evolution of the IT Security supply chain is very much influenced by several well-known technology macro trends - such as:

  • Cloud computing
  • Big data
  • Mobile computing
  • Internet of Things (IoT)
  • Social media, etc.  

As adoption of these and other new technology trends increases, the security attack surface broadens in tandem, creating a larger number of known and unknown threats.

In addition, new macro-technology trends can also re-introduce old vulnerabilities on new platforms which now also have to be mitigated - leading to an ever-increasing and changing workload for security teams.

Rising data variety

“Management expect more and more security from our allocated budget”

Security at its core is now a domain-specific Big Data problem. A typical security team has to process and triage huge volumes of security data at high velocity, with real time response often necessary to make use of such data.

What is less spoken about is the third “V” of Big Data: variety.

This exists in spades for the security professional. Log information from a host of general IT infrastructure and security-specific appliances needs to be processed and understood alongside a broad range of contextual information, advanced analytics, and shared threat intelligence sources from outside the organization.

No single individual or small team has the bandwidth for such a variety of security decision information.

Security skills shortage

“Getting the good guys is very difficult…. there’s so much competition out there”

“Our current approach to security budget staffing is unsustainable – at some point we will need a new approach”

A 2015 Frost and Sullivan/ISC Study estimated that by 2019 there will be a shortfall of 1-2 million security professionals globally. In the same study, almost two-thirds (62%) of IT Security decision makers agreed that there are too few security professionals.

This shortage has both visible and under-the-hood impacts in already stretched IT teams. It has led to increased security outsourcing as well as increased demand for security technologies that reduce manual workload.

Beneath the iceberg, security tasks are increasingly delegated to generalist IT professionals who are often untrained or not “well practiced” for the specific security task at hand.

In worst-case scenarios, such tasks are done sub-optimally or not done at all, in particular where a large list of regulatory controls stated as being implemented on paper are not implemented properly in practice.

This is not about replacing your existing IT team; it's about freeing up their time to allow them to get back to more business-critical tasks. 

Kind regards,

The Cybersecurity and Information Resilience team