By Richard Frost, Product Head for Cybersecurity at Armata
One of the main drivers of growth in (Managed Security Services Providers) MSSPs has been the global shortage of cybersecurity skills, as well as the prohibitive costs of building a cybersecurity team for most businesses. As a result, companies prefer to work with MSSP partners who tend to have a bigger team of security experts, with experience across a range of environments, whereas a company might only have a single person looking after cybersecurity.
A further benefit of outsourcing to a MSSP is that not only does an organisation get access to more skilled people who are able to help resolve a problem, but these experts are constantly at the forefront of security, are more accustomed to resolving issues and can do so more quickly. Think about it: if someone is a security expert in a particular industry, they will have a specific focus and outlook on security based on the standards and requirements of that particular industry.
Meanwhile, security experts at MSSPs are often sourced from a broader skills base, exposed to a variety of incidents on a daily basis from across industries, and have copious resources from partner vendors to support them. Skill sets can be limited based on the environment; you don’t know what you don’t know, and learn from past experience – and cybersecurity experts from a competent MSSP will have this experience.
In addition to the benefit of greater expertise, MSSPs also make use of tools that most organisations don’t normally have access to. As an example, if an organisation chose to manage a firewall by itself, they would most likely struggle under the load of daily events that are logged by the device and usually can’t afford the more advanced management tools that are available.
An MSSP providing a managed firewall service on the other hand can subdivide or multi-tenant tools so that they can be used to look after the firewalls of multiple customers, bringing down the per unit cost. As a result, the MSSP can offer the service at a cheaper rate than if the customer had tried to do it themselves. Not only is there a potential financial saving, but organisations mitigate against missing risks, or not taking the proper action once one has been identified.
It should be noted however that the cost of having these expert resources is high and as a result cybersecurity unfortunately tends to be seen as a grudge purchase – too expensive to invest in, until an organisation is hit with a ransomware attack that costs them multiple times more than preventative measures would. It’s the same as insurance; you don’t think you need it, until the day you do.
As such, when selecting an MSSP partner, it is crucial that organisations build a holistic scorecard that looks at more than just price. What is their partner status with major security vendors? What are they delivering for that price? Can they even deliver? Ultimately, when it comes to cybersecurity, businesses need to ask themselves, ‘How much risk am I willing to take?’.