Big Brother is a fictional character in George Orwell’s dystopian novel “Nineteen Eighty-Four,” published in 1949. The story is about an imaginary state called Oceania, where there is great suffering and social injustice. Its citizens are under the constant surveillance of the governing authorities, mainly through telescreens. The people are constantly reminded of this through the slogan “Big Brother is watching you.” Today, “Big Brother” denotes abuse of government power, particularly in respect to civil liberties, often specifically related to mass surveillance. But “Big Brother” is not always negative. In the context of cybersecurity, an enterprise needs a “Big Brother” or “Guardian Angel” to watch over its infrastructure. And so, this article focuses on the companies who look after your IT infrastructure through managed security services (MSS). We’ve got viewpoints from global CISOs, industry analysts, and Managed Security Service Providers (MSSPs).
By Brian Pereira, Principal Editor, CISO MAG
Here are the key findings of our research:
1. Every type of business and industry is vulnerable
All businesses, regardless of size and sector, are exposed to cyberattacks today. Organizations are digitizing and connecting infrastructure to the cloud and the Internet. Even manufacturing companies, which for decades used operational technologies (OT), are now using SCADA (supervisory control and data acquisition) and IoT devices that are prone to cyberattacks. Ransomware impacted several healthcare companies in 2019.
Malicious actors tend to compromise intellectual property, financial data, credit card details, personally identifiable information (PII), electronic health records (EHR), customer transaction records in retail, blueprints for components, and business secrets, and then sell them on the Dark Web.
2. Threat landscape is expanding; the nature of attacks is sophisticated
To make threats more sophisticated and targeted in nature, threat actors are employing artificial intelligence, machine learning-based techniques, and stealth technology.
D.C.S. Hariharan, Information Security Risk & Compliance Head, Syngene International Ltd., said, “The emergence of threats such as DDoS attacks, targeted ransomware, cyber extortion, and advanced malware attacks, has led to a higher uptake of advanced security solutions.”
3. Shortage of experienced manpower
The lack of cybersecurity skills and declining security budgets have made it impossible for organizations to monitor their infrastructure effectively and block recurring attacks.
This is more so in the case of small and medium businesses and government organizations that don’t have budgets for hiring high-salaried security professionals.
Dick Wilkinson, IT Security Officer, New Mexico Judicial Information Division, informs us that, in the U.S., a shortage of qualified security employees is driving companies to use a shared resource like an MSS provider or a SOC (Security Operations Center).
“Security employees are in high demand and thus more expensive to hire, so the coverage of an MSS SOC can be a way to close that gap at a lower cost,” said Wilkinson.
4. Regulation & Compliance
With the introduction of new regulations and compliance mandates, organizations will find it a challenge to keep up and yet focus on their core businesses. Non-compliance can also prove to be expensive and lead to business losses, as we have seen in the case of GDPR.
“Organizations must have in-depth knowledge of current privacy laws, regulations and compliance frameworks that affect their business,” said Jason Albuquerque, Chief Information Officer & Chief Information Security Officer, Carousel Industries, Inc. “With the rapidly changing governance, risk and compliance landscape, it becomes extremely difficult to stay up to date with these changes. For this expertise, organizations can look to MSSPs for help.”
MSSPs have experts on compliance and regulation and they can ensure adherence to regulations for data localization, storage, and protection requirements.
“Global MSSPs must have a global data management strategy to be sure that they are not adding a business or compliance risk to their clients. Also, to add additional value for the customer, these subject matter experts can act as consultants to the clients to help build strategies to strengthen their security posture,” added Albuquerque.
5. Traditional security monitoring is inadequate
Traditional security monitoring practices don’t stand a chance when it comes to detecting and blocking modern-day threats. Two traditional approaches, SIEM (security information and event management) and LM (log management), are no longer enough.
“There is a need to have next-generation security operations where Managed Detection and Response (MDR) providers can support enterprises by providing advanced detection, faster incident mitigation, global threat intelligence, and deep threat analytics,” said Hariharan.
Pankit Desai, Co-founder and CEO at SEQURETEK, said, “Companies are now seeking MSSPs with an integrated model. Earlier, there were separate entities for monitoring, for response, and managing. Today there is a capability that looks at identification to remediation and response, to detection. You need one value chain—someone who orchestrates it end-to-end.”
The move to Managed Security Services
Boards in companies take cybersecurity very seriously today, more so after digitalization. A cyberattack on IT infrastructure could bring business operations to a halt, peeving customers, partners, and shareholders. That could lead to a decline in the share price of a company, loss of customers, and irreparable damage to its reputation.
An organization can take two paths to reduce the chances of that happening. The first is to have an in-house security team working round the clock in shifts to monitor and manage infrastructure. The other option (and a more cost-effective one) is to outsource security management to a third party or MSSP.
About the Author
Brian Pereira is the Principal Editor of CISO MAG. He has been writing on business technology concepts for the past 26 years and has achieved basic certifications in cloud computing (IBM) and cybersecurity (EC-Council).
This cover story first appeared in the February issue of CISO MAG.