5 minute read
PLUGGING THE GAPS
MANY ORGANISATIONS ARE LEVERAGING MANAGED SECURITY SERVICES TO BRIDGE SKILL GAPS AND IMPROVE SECURITY POSTURE. HERE IS HOW IT WORKS.
Organisations in the Middle East need to get security right when embracing rapid digital transformation. As the number and variety of cyber-attacks rise, companies undergoing digital transformation are more prone to security risks than ever before. Faced with the pressure of rapidly increasing cybercrimes, skill shortages, and the need to safeguard critical data, many security chiefs are prompted to turn to managed security services providers to help with proactive steps to contain threats.
Advertisement
According to a recent report from MarketsandMarkets, the global managed security services market is projected to grow from $31.6 billion in 2020 to $46.4 billion by 2025, driven by the rising instances of security breaches and an increasing number of attacks that pose a threat to large and small organisations.
“There is a significant shift in the security spend across the Middle East, Turkey and Africa (META) region as most of the organisations started operating on digital and online platforms which also exposes them to security vulnerabilities. There is a drastic increase in end-user based targeted attacks such as phishing, email compromise, spamming etc. Ransomware, advanced persistent threats (APTs) and cloud related attacks are also on the rise post pandemic time, and these factors have influenced the security professionals to fortify their organisation,” says Manish Ranjan, Senior Program Manager for Software & Cloud at IDC Middle East, Turkey and Africa.
In a recent IDC Security survey, almost 67% of the respondents mostly CIOs/ CISOs/IT heads across the META region stated that they expect their organisation’s spending on IT security to increase in 2021 over 2020, while another 20% said it would remain unchanged.
Dr. Ahmed AlKetbi, CISO, Moro Hub, says the pandemic has obliged businesses to reconsider and reprioritise their security strategies given the increase in consumption of digital services. The change in the consumption pattern using cloud services and personal devices has raised new security concerns, especially in the monitoring and response area. Safeguarding digital assets became a higher priority and therefore we noticed clients’ budgets have shifted more towards securing their cloud environments and leveraging cloud-based security services.
“Security strategies shall be aligned and focused on covering this new risk as a part of new digital workplace and workforce. Accordingly, we encourage governments and enterprise clients to adopt a more balanced approach towards spending. Managed security services are a cost-
Dr. Ahmed AlKetbi
effective and viable option to instantly scale-up with advanced monitoring solutions that can immediately cover these new risk domains of digital workplace and workforce,” he says.
Managed network, managed security information and event management (SIEM) services, and DDoS mitigation services are the top three areas where organisations are leveraging expertise from managed security service providers.
AlKetbi says the key role of MSSPs is to provide real-time cybersecurity services round the clock to ensure protection, detection, and response readiness. Most enterprises leverage MSSPs to be able to respond to cyber incidents any time of the day, as security attacks are unpredictable. Also, several clients do not have the required resources with the right level of skillset maturity, this is where MSSPs step in to help them augment the capabilities of their in-house security resources. Such skilled shared resources can further help in optimising the budgetary challenges.
Ranjan says managed network security service is becoming extremely crucial for organisations to safeguard all components like hardware components, software applications and cloud services. According to IDC Security Survey across META region, almost 50% of organisations stated that their spend on managed network services would be more in 2021 than the last year, which is the topmost managed security service area.
Enterprises are increasingly leveraging MSSPs for access to the skilled expertise they offer. Globally, and in the Middle East region too, it is difficult to find and retain skilled cyber professionals. “Managed Security Service Providers like Help AG have spent a lot of time finding, onboarding and retaining skilled cybersecurity specialists, including exposing them to different security contexts that would not normally exist within a single organisation. Thus, any cybersecurity analyst or engineer will be able to develop their capabilities far quicker and more broadly in a managed services environment than in any single organisation,” says Simon Willgoss, Head of Managed Security Services, Help AG.
Additionally, enterprises are leveraging MSSPs for 24x7 security operations. Doing this internally is very costly and requires a lot of management, including managing shifts, shift allowances, physical facilities, leave and sick leave, and retaining staff. Many enterprises have opted to use a managed service provider because MSSPs are used to managing all these aspects day in and day out; it is their bread and butter, and they have the pool of resources to draw from, he adds.
What should be key evaluation criteria when selecting an MSSP?
One of the primary reasons why organisations partner with MSSPs is due to their depth and breadth of security expertise. And this becomes a very critical criterion that every enterprise should evaluate before selecting an MSSP.
“Enterprises must do due diligence to see if the MSSP has required number of security experts and what certifications do they have, and are they specialised in only a few security threat areas only or look for wholistic security threat landscape. They should also evaluate if they have the right capabilities and capacities to manage real-time security crisis, do they possess expertise within a specific vertical, and how does the service level agreements (SLA) compares with others,” says Ranjan.
Many service providers will take your data out of the country, highlighting one of the most important evaluation criteria when choosing an MSSP, according to Willgoss. Organisations must consider whether there are any restrictions on data movement in or out of the jurisdiction where they operate. Government, semi-government, critical infrastructure, and financial organisations often face such restrictions, so selecting an MSSP that operates locally is key.
AlKetbi agrees: “While every organisation would have their own set of criteria, it is essential to consider regulatory and integration challenges. MSSPs need access to confidential data like key system logs and traffic feeds. Given the increasing data residency and sovereignty requirements it is advisable to consider in-country MSSPs. In addition, especially for a cloud-delivered service it is very important to work with MSSPs, which are certified by local and international standards. Finally, the target MSSP shall have industries leading SIEM/ SOAR technologies to ease integration and support automation and orchestration.”
Manish Ranjan Simon Willgoss
