B.I.S.S Research White Papers

To Outsource or not to Outsource Cyber Security

Marc Briggs

Marc Briggs

Think for the future - failing to prepare for an event where business operations are disrupted could have a severe impact on revenue and reputation. With a workplace recovery solution, you can minimise the risk of unexpected downtime.
Share on twitter
Share on linkedin
Share on facebook
Many small and midsize companies are gravitating toward an outsourced model for security and day-to-day operations. Why you may ask?

Because of the increasing number of data breaches and the heightened focus on risk.

According to a recent survey, the top functions being outsourced are:

·     Penetration testing/threat assessments (70%)

·     Spam filtering (46%),

·     Threat intelligence (40%),

·     Log monitoring (34%),

·     Anti-DDoS/web application firewall protections (27%),

·     Business continuity and disaster recovery (26 percent)

·     Awareness training (22 percent). 

Outsourcing security functions appeals to small and midsize companies in particular because their resources are already stretched thin and most lack the bandwidth to adequately perform security functions. Smaller companies are also less likely to have people with specialised security skills who can focus on staying on top of a continually changing landscape.

Other developments that push companies toward outsourcing their cyber security include the increase in the number of hackers and the extent of products designed for enterprise security. Trends like these make security difficult to manage for smaller organisations.

“The inevitable conclusion is companies increasingly have to rely on security handled by an MSSP because they can’t keep up — they just don’t have the resources,”

Outsourcing: Not an either-or proposition

The outsourced or managed services model works because there is often no one other than the IT Manager or similar dedicated to security, which opens a company up to risk. Security ends up being sliced up and dished out to 10 percent of several people’s jobs, but because no one beyond the IT Manager is responsible, it’s very tough to make progress or to stay on top of it the way you have to.

Getting a helping hand from outside providers, including an MSSP, not only helps offload some security work, it also means the organisation has 24/7, 365-days-a-year coverage from a highly trained set of eyes.

“IT staff will not be able to provide this kind of service, because they have to handle all types of IT issues, security included, for several users”

Marc Briggs

Marc Briggs

Think for the future - failing to prepare for an event where business operations are disrupted could have a severe impact on revenue and reputation. With a workplace recovery solution, you can minimise the risk of unexpected downtime.
Share on twitter
Share on linkedin
Share on facebook