Sometimes, You Need to Call the Professionals

Posted on by Rook Security

Implementing a strong cybersecurity program requires IT security personnel that most companies don't have on staff.  The reasons are many, including lack of funds and a lack of awareness of security needs. It's also tough to find qualified IT security professionals. It's a difficult job that involves working long hours, sometimes on holidays and weekends. A security operations center (SOC) analyst does not have a traditional 9-to-5 workday. He or she is a professional, on call 24/7/365.

Because of the in-house security limitations faced by many organizations during the last several years, many have opted to outsource IT security to a managed security service provider (MSSP). MSSPs provide 24/7 threat response capabilities through security monitoring. They have certified staff and the best technology in place.

Analyst reports show that the market for outsourcing company security is on the rise. In fact, the 2014 Gartner Magic Quadrant for MSSPs noted, “In 2014, the global market for security outsourcing was $13.8 billion, with a forecast compound annual growth rate of 15.4 [percent] through 2019. In 2014, the global market for managed security services was $7.9 billion.”

Organizations aren't new to outsourcing. Many already outsource legal representation, marketing and office maintenance for example. With the steady increase in cyberthreats though, cybersecurity outsourcing is being added to that list for many good reasons.

MSSPs have the talent. The best cooks work at restaurants, just like the best security professionals work for security companies. A good MSSP will already have security talent in place, as well as be able to identify and utilize highly-qualified IT security professionals. They have the tools to help their analysts work more efficiently, allowing the MSSP to turn a small group of individuals into an efficient team. This setup allows for outside companies to have instant access to specialized analysts for their security needs.

MSSPs have seen many of your problems before. I worked with a client who was developing an international production facility where a great deal of proprietary information and process data was created. The client needed to create an isolated network with hosts that would be monitored for any data exfiltration from within and without the network.

My team provided the network design and monitoring tools to ensure that this facility was appropriately secured while still being able to provide security monitoring, response, and remediation services. The proprietary data that was generated at this facility represented a significant amount of capital to this client. By giving the client the ability to protect their data and processes, we gave them the confidence to expand their business into new and emerging markets. Because we had done this before with several other clients, the process was smooth and efficient, saving the organization time and man-hours.

You save yourself some money. Using an MSSP cuts costs for companies and gives them a competitive advantage by providing a more secure environment. For example, if a retail store needs to increase its security posture, does it call on someone internally who may have never done that before, or does it outsource the responsibilities to a known, specialized organization? In the latter option, the MSSP would have experience with ramping up network security without wasted effort or resources.

The job is done right the first time. When it comes down to it, you would not have your primary care physician perform heart surgery. You would go to a specialist. In the same respect, you wouldn’t have your network administrator run your security program. You'd call in the professionals.

Michael Taylor is the Product Development Lead at Rook Security, a global IT security solutions provider.

Rook Security

, Rook Security

critical infrastructure data security security operations

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community