The cybersecurity landscape has become a minefield in recent years. In 2017, we saw a doubling of cybersecurity attacks and complex social engineering threats are ever-prevalent. This leaves companies of all types and sizes highly vulnerable to a cyber-attack. The driving forces behind these cybersecurity threats are multiple and complex. New technologies like Cloud computing and the Internet of Things (IoT) are changing the way we work and increasing the attack surface. Cybercriminals have new opportunities to steal credentials, expose sensitive data, and disrupt operations. It is high time that we start protecting ourselves against these dangers. This is especially important for businesses.
The Cold Hard Facts
Let’s briefly look at some of the issues to give you an idea of why cybersecurity is such a major concern.
- Between 2013 and the time of writing, there have been 14 billion data records lost or stolen. Of that data only 4% was encrypted.
- In 2016, in the EU, there was a 66% increase in cybercrime.
- Mass cyberattacks, like the Equifax breach where 146 million accounts were exposed, are contributing to a spike in account takeover (whereby a hacker hijacks an online account).
- The average cost of a cyber-attack increased by 23% in 2017.
- Damage by ransomware cost the world $5 billion in 2017.
The amount of attacks, the frequency, and the cost of the damage caused by a cybersecurity attack, adds up to far too much for many firms to manage. This is where outsourcing security comes in. The use of a Managed Security Service Provider (MSSP) offers a way to mitigate the risks of our connected world. Moreover, it can help to alleviate cybersecurity incidents.
The What and Why of Using an MSSP
Managed cybersecurity services are offered by specialists who work in the area of cybersecurity risk management and vulnerability remediation. An MSSP is a third-party company that offers a managed security service. They do so by providing your organization with an outsourced team that looks after your cybersecurity needs. This can be in-house or remote, depending on your budget, size of an organization, and actual needs.
A growing issue that is increasing the use of an MSSP by organizations is a lack of cybersecurity talent. McAfee recently published a report into the skills shortage in the industry “Hacking the Skills Shortage”. The piece reported that 75% of UK and 83% of German IT experts, were concerned about a cybersecurity skills shortage. This skill gap is reflected in further industry reports that show an expectation of a shortfall in skilled information security staff which will reach 3.5 million workers by 2021.
This lack of skills is and will continue to be, an issue for smaller firms in terms of recruitment of skilled cybersecurity staff. This is likely to be exacerbated by rising salaries of rare skills like penetration testing and privacy professionals; the average salary of a cybersecurity professional being 2.7 times higher than that of their non-security counterparts.
Because of the increasingly complex nature of cyber-attacks, coupled with a lack of experienced staff, smaller organizations, in particular, are turning to the services of a Managed Security Service Provider (MSSP) to help them out.
This was proven by analysts ESG who looked at the specific challenges of small to medium-sized operations and cybersecurity threat mitigation. They found that 32% of small organizations expect to “substantially increase” their use of an MSSP, and 40% will increase managed security services “somewhat”.
What Can You Expect When Using an MSSP?
The modern mantra of an MSSP is to work in collaboration with the client organization. They often talk about how this collaboration between your organization and their cybersecurity experts will help your company to learn and build better extended teams. In doing so, you will be better prepared for the long-term commitment needed to mitigate risk in a changing cybersecurity landscape.
When you engage an MSSP they are best when used in a holistic manner; that is, use the MSSP to:
- Advise on Building a Cybersecurity Strategy: Work with the MSSP to develop your general security strategy which will then inform policies and implementation of security tools.
- Develop Security Policies: Work together to design your entire organization’s security policies.
- Help to Build and Maintain Threat Intelligence: An MSSP will look at your IT systems, as a whole, to perform threat detection, mitigation, and ultimately remediation when required. As cybersecurity experts, they will have their finger on the pulse of the latest threat landscape. Working with you, they will be able to apply that knowledge to your organization’s specific industry and IT infrastructure.
- Create a Robust Security Infrastructure: An MSSP will have industry knowledge of tricks, tips, and techniques to build a robust and hardened IT infrastructure. They should, typically, be able to provide an analysis of system weaknesses and identify vulnerable areas in your network, the way your employees work, and other areas, such as Cloud and mobile computing. An MSSP will be able to advise and configure (if required) areas such as encryption, authentication, and web security measures.
- Offer Monitoring and Remediation: Ongoing monitoring of your IT systems is usually offered by MSSP firms. They will use tools such as intrusion detection and deception solutions to spot malicious activity and to prevent the activity from becoming a full-blown incident. If an incident does occur, they will initiate a rapid response and often have back-ups in place to minimize the impact.
Other Services From an MSSP
Managed security services will often have extended services which look after your specific industry and general compliance requirements. For example, the MSSP may offer the option of a Privacy Impact Assessment or a HIPAA compliance assessment. They are also likely to have in-house or consultant services to provide digital forensic teams.
Is It Worth Engaging an MSSP?
Most smaller organizations cannot hope to have the kind of specialist cybersecurity team that larger enterprises take for granted. Even with the best will in the world, pulling together a dedicated team of information security experts is a challenge in an age where those skills are rare and come at a premium price. However, this gap has been filled by the services of professional companies who offer a team of skilled cybersecurity professionals as a third-party option.
The MSSP provides a level of service to an organization offering the type of protection they would have if they had their own in-house security team. Of course, this all comes at a cost, but the price of having your own in-house team is likely to far out way the costs of MSSP services. In the end, it is down to your appetite for risk. Using an MSSP is a way to reduce the risk that your organization faces in a hostile cyber environment.