Malik added that enterprises have become more comfortable with outsourcing aspects of security, as well. “The irrational fear of cloud being insecure is being replaced by a more measured approach. Secondly, there’s the skills gap issue. Most security teams in-house are so stretched, they don’t have time to monitor and respond to all alerts — so shifting some of those tasks to a managed security services provider can help relieve some of the burden,” he said.
Fisher agrees on the skills shortage. According to Fisher, there are three primary trends underway driving the move to outsource: 1) extreme difficulty in obtaining and retaining qualified staff; 2) the infrastructures are complex and difficult to manage within the operating budgets of many organisations; 3) managed security services providers have matured to a point where there is more flexibility, for example hybrid security providers that manage the SIEM on your floor, than existed previously.
“My sense is that it’s the functions that cannot be easily commoditised are staying in-house. For example ICS/SCADA and bio-medical security are very specialised that many folks would be uncomfortable outsourcing,” Fisher says. “But identity and access management is something that can likely be passed to a qualified partner. That line of what’s commodity and what isn’t is changing and dynamic so it’s going to be challenging to make good decisions over the next couple of refresh cycles as a CISO,” advises Fisher.
Threat intel and data sharing focus
Threat intelligence, data and information sharing came in big this year. Fifty-one percent of survey respondents say they use security data analytics to model cybersecurity threats and spot attacks underway. That thirst for data is another reason why enterprises are turning to cloud and outsourcing. Within those respondents that rely on managed security services, 55% say they rely on their providers for security monitoring and data analytics. And another benefit of these providers is their access to security operations and threat intelligence fusion centres.
Michael Echols, executive director and CEO at the International Association of Certified ISAOs (Information Sharing and Analysis Organisations), and former director at the cyber joint program management office at the US Department of Homeland Security, believes enterprises are also increasingly warming up to the idea of cybersecurity information sharing. “There’s an opportunity to essentially share costs [from organisational data sharing]. With data sharing, you now have the advantage of the expertise that maybe one of your sharing partners has, or if there’s someone in your particular community of interests, or region, or industry; if something is happening to them, it potentially is going to happen to you. You now have valuable threat intelligence,” says Echols.
There is no doubt about that, and considering the acceleration of technological innovation that enterprises are adopting, and the determination and persistence of today’s attackers – CISOs need every edge they can find.
IDG News Service
Subscribers 0
Fans 0
Followers 0
Followers