By Martha Vazquez, Senior Research Analyst, Infrastructure Services, IDC
Successful organizations are changing how they operate, deliver services, and interact with customers. Digital transformation (DX) is at the root of these changes as customers, employees, and other stakeholders gain access to vital information from multiple cloud services, mobile devices, and at the network’s edge. DX is driving this rapid change in technology across all types and sizes of organizations.
As a result, the attack surface of enterprises is expanding, making it more difficult for organizations to keep up with securing their data. Attackers and adversaries are confident they can quickly take advantage of an organization's lack of security skills, along with the gaps created when vital security protections don't work properly (often from device misconfigurations or staffing shortages). These vulnerabilities give cybercriminals an edge.
For organizations, the IT environment has become more complex and attackers have become smarter and quicker. The need to manage and monitor a breadth of assets and keep up with the ever-changing threat landscape is a top challenge. The results from an IDC 2019 U.S. MSSP (Managed Security Service Provider) survey show that the top 3 functional criteria important to an organization when selecting an MSSP are as follows:
- Consistent awareness of threats
- Monitoring services
- Highly responsive staff
Sadly, many organizations, as they transform, will become unaware of attacks on the network and experience gaps in their security posture. They will lack the monitoring, tools, procedures, and people needed to stay protected.
Staying Aware of Threats
From an organizational perspective, with the technological changes occurring today, the threats are becoming not only more complex and advanced, but also are increasing in volume. An organization that is digitizing its assets, are now more susceptible to threats and attacks. With that said, organizations struggle with hiring the right people with the security expertise to keep up with volume of threats. And that surface will only continue to grow.
A recent U.S. IDC survey found that close to 50% of respondents will turn to a managed security service provider to fill in for staff shortages and provide 24X7 support. Over 25% of respondents felt that they lacked the security talent and skills to keep up with the growing attack surface and the vast amounts of telemetry entering the network.
With the need to stay ahead of the threats, organizations have determined that having the visibility to constantly be monitoring and managing an organization's overall security assets is an important criterion when selecting a MSSP to partner with (see chart below). This enables organizations to really focus on other business tasks and have the peace of mind that their infrastructure is secure.
The Importance of 24X7 Monitoring Services
As the number of security events flood an organization's network, at any time of the day, it becomes less and less possible for an IT team to evaluate the threats most likely to pose a high risk of compromise and possible data breach. Obviously, 24X7 monitoring was noted as a critical element for organizations because management of devices is no longer the acceptable way to handle security. While patching and managing the health of devices is important, the security landscape has changed tremendously and continues to evolve.
Forward-thinking organizations need to partner with security providers that will maintain a continuous monitoring of threat onto their network. Another data point from IDC's U.S. survey revealed that the top five top concerns when it comes to securing their business operations and IT environments included: data breaches, malware, spyware, system vulnerabilities, and diminished credibility (see chart below). All these concerns prove that securing data at all times remains critical in today's evolving security landscape.
Having a Highly Responsive Staff on Hand
To stay effective against today's complex attacks, MSSPs must be able to keep up with the modern needs of organizations by providing advanced security services in assisting defending against and responding quickly to attacks. Organizations are no longer looking for a traditional service provider to simply provide basic management of security products along with management of policies and rule sets. Today, the market has shifted beyond providing basic protection against and detection of threats and toward offering a response and/or remediation —in rapid fashion —that's tailored to an organization's needs.
In fact, when looking for an MSSP, organizations have decided that these four requirements are of upmost importance for forward thinking MSSPs especially with because of the need to respond quickly to advanced threats: 1) strong security credentials and/ or reputed security service capabilities, 2) strong analytic and/or cognitive enablement capabilities, 3) strong digital consulting capabilities, and 4) customer centricity, as show in the chart below.
IT leaders have learned that security is not only about the technology, but also about the people and processes that reinforce the technology. As attackers get ahead, the ability to respond rapidly and in real-time to critical incidents is crucial. But making sense of which events are critical is hard to do with without the right expertise.
Organizations need to have a partner such as a MSSP to help them cut through the noise in order to select the incidents that must be evaluated rapidly. Partnering with an MSSP can enhance a company’s mean time to detect (MTTD) and Mean time to respond (MTTR) by utilizing technologies and analysts that understand how to identity the right alerts. And that capability can make all the difference.
To view IDC's Tech Spotlight research on the next era of managed security services, click here.