Why do so many of the world’s businesses wait to engage a managed security services provider (MSSP) until after they’ve experienced a data breach?
A new study by the Ponemon Institute consists an in-depth survey of almost 2,000 IT professionals around the world.
The thrust of the surveys was to gain perspective on how MSSPs were used, and how they fit into their business strategies. What emerged were seven key ideas, summarized here.
1. Show Some Muscle
MSSPs are frequently used because they help businesses look stronger. This stronger security posture can help deter potential attackers. Still, most businesses don’t act on this except as a reaction to an attack.
2. Offense or Defense?
Most MSSPs have historically dealt with responding to data breaches rather than proactively hunting for them and preventing them. Although this trend is changing, it’s still the standard for 84% of the MSSPs employed by respondents.
3. Working Together is Better
The ability of different IT systems and software applications to communicate, exchange data, and use the information that has been exchanged is key to the success of an MSSP. This interoperability with security intelligence tools such as SIEM emerged as the most important element to respondents.
4. Get Added Insights
Most respondents believe that MSSPs offer a more holistic view of the external threat environment than they could have on their own. Monitoring a large number of security events from a global customer base gives a large MSSP access to a bigger picture that can be leveraged for insight into the environment of each individual organization.
5. What You Don’t Know Might Hurt You
Many respondents already working with an MSSP admitted that their provider identified existing software vulnerabilities that were older than 90 days. These weak spots were ones the organizations had no knowledge of until then, so they were essentially sitting idle, waiting to be exploited.
6. From The Motherboard to The Boardroom
Although IT departments have historically managed MSSP relationships, that trend is shifting. More and more, business units are engaging MSSPs directly. This may be because MSS services are being recognized as a key element of an organization’s competitive advantage.
7. The Veil of Secrets
More than half of the respondents admitted that they don’t use MSSPs because of a lack of visibility into the provider’s IT security infrastructure. If they can’t see how it works, they don’t want to use it.
There’s more to the report, including conclusions, recommendations, and methods. These 7 key ideas reveal, however, that the old ways of conducting cyber security are quickly becoming obsolete in the face of more and more sophisticated attacks. The trend toward threat hunting and proactive prevention is one that will continue, if only due to necessity.
In order for enterprises to secure themselves against emerging threats, they need to continue marshalling resources before a breach occurs. That means selecting an MSSP that possesses effective tools for analyzing data. Garland Technology produces a wide range of network TAPS that allow MSSPs to break out granular information and see every bit, byte and packet®.
For more information on how MSSPs make use of Garland Technology in order to bulk up enterprise security, check out our white paper on Maximizing Visibility: Understanding the Role of Network TAPS, Packet Brokers and Hybrid Solutions.