We hear from Kurt Hansen, co-CEO of Tesserent, a full-service cybersecurity and secure cloud services provider, about the benefits of a MSSP partnership.
When organisations face new threats or identify opportunities, they usually make a plan and then engage experts to assist them. Often, that involves finding and hiring talent, creating new teams and investing in new tools. But in the case of cybersecurity, that’s not easy.
The adversaries organisations face are constantly changing how they operate – the sheer volume of attacks makes monitoring and detection exceedingly complex. Coupled with a significant cybersecurity talent shortage in Australia, and the market commanding top dollar, the vast majority of companies are simply not able to meet these challenges head on.
The pathway through this complex minefield relies on partnerships. Mid-tier and enterprise businesses can look at outsourced IT managed services to boost their cybersecurity capability, without increasing headcount or committing large budgets to tools, training and fly-in/fly-out consultants. Working with a managed security services provider (MSSP) gives organisations access to experienced experts, without the cost of trying to recruit, train and retain them, and who are equipped with a superior arsenal of tools that allow them to monitor your environment and alert you when a threat you need to be concerned about emerges.
Beyond the cost of running an internal security function, one of the key advantages of outsourcing to a Security Operations Centre is the speed of detection. The gap between an attackers’ time to compromise and the enterprises’ time to detection is highly critical and can have financial and reputational consequences. A partnership with a 24×7 security operations centre helps organisations close that gap.
While the volume, variety and velocity of security threats is accelerating, not every threat is relevant to every business. A good MSSP will apply their experience to identify the threats that matter to a specific business. This means your internal technology and security teams can focus on the threats that pose a risk to your operations and not spend their limited time trying to detect the critical signals in all the noise.
It is possible for organisations to build their own internal capability to do this. But that task is becoming harder. With AustCyber detecting a skills shortfall of almost 20,000 workers and Deakin University forecasting that the demand for these skills will grow by over 20% by 2023, acquiring those skills will be difficult and costly. And once you have the people, they will need access to a powerful suite of tools, and a security operations centre (SOC) that collects data from both internal and external sources so they can monitor, detect and react to threats and attacks. And then you face the challenge of trying to retain them for the long haul.
The alternative approach is to work with a MSSP that gets to know your business. They have already secured highly trained experts and have state-of-the-art tools in place. They are ready instantly to monitor your systems and track external feeds including direct monitoring of where criminals share information about their methods and targets. Usually companies access this expertise and software licensing, via a monthly fee.
MSSPs typically run their own SOCs and are staffed, usually 24/7/365, with experts who are constantly monitoring and responding to threats and alerts. They can fulfill a need that all organisations have but can rarely achieve. A MSSP will monitor activity on your network and has access to a vast array of intelligence from all over the world sourced from vendor partnerships, government agencies and by infiltrating and carrying out their own surveillance on the Dark Web.
From a strategic perspective, partnering with a MSSP makes a lot of sense. Rather than using your internal resources on routine tasks such as monitoring, you can apply their knowledge of the business with a more strategic lens. Instead of chasing down every alert and collecting data for compliance reporting – jobs that a MSSP can do – your IT and security team can focus on adding value to the organisation. A MSSP gives you access to a team of well-trained and highly resourced security professionals that can deliver a high level of risk mitigation at a fraction of the cost of hiring your own team. They can tailor their services to your specific needs and free your internal staff to focus on serving internal customers and ensuring that your technology and security strategies are aligned to your needs whilst the MSSP security experts do what they do best.