Is your cybersecurity investment going to waste?
“The current attack vectors are larger than ever, so you have a lot of organizations that are confused on the steps they need to take [to combat cyber attacks],” said Joseph Khunaysir, president of Toronto-based IT services company Jolera. “One of the major reasons we engage with customers and partners alike is because they are looking for our experience and our expertise.”
According to a survey done by the Canadian Internet Registry Authority, 67 per cent of small and medium-sized businesses in Canada outsource at least part of their cybersecurity footprint to external vendors. However, using multiple vendors or security partners can be a security risk. A common challenge is the ability to manage security alerts. According to Cisco’s 2018 Annual Cybersecurity Report, organizations using more than 50 vendors faced more challenges managing security alerts (55 per cent) compared to those with only one to five vendors (eight per cent). Receiving many different security alerts can lead companies to accidentally miss important notifications. This affects an organization’s ability to detect, investigate and remediate threats.
Having in-house resources like a security operations centre (SOC) can be expensive. A SOC houses a security team that is responsible for monitoring and analyzing security events. According to employment search engine Indeed, the average salary of an information security analyst is about $75,000. The average SOC requires about four analysts, which brings the cost of personnel to about $300,000. This doesn’t include the cost for a room to accommodate the SOC, licensing/equipment fees and time spent hiring a SOC team. Instead of paying hundreds of thousands of dollars for a SOC, an organization can outsource these operations at a more manageable cost.
Outsourcing IT security operations allows businesses to focus on their core competencies while having their security concerns met by experienced professionals using the latest technologies. For businesses that are unable to invest in the high cost of technology upfront, outsourcing to a managed security service provider (MSSP) for a monthly price makes it easy to budget security expenses. For example, the average cost for a Barracuda firewall is around $5,000. This price only includes the device and doesn’t account for services such as installation, configuration and management. With a provider, a managed firewall can be as low as $150 per month and include security services.
There are several security providers in the industry, so how do businesses know they’ve partnered with the best one? After all, companies don’t want to be investing in an ineffective cybersecurity solution that leaves their businesses vulnerable.
Businesses need to do their research when deciding to partner with an IT service provider. Benchmarks like years of experience, range of resources, processes and where they are located should be taken into consideration. Being able to have access to reports and data is helpful for companies looking to measure their return on investment and determine if they are receiving adequate security.
“If you’re working with an MSSP that cannot demonstrate good reporting, or be able to walk you through a concise, easy-to-understand report, then you should really question how much value you’re getting for your investment and where it’s going,” said Khunaysir. “Being proactive with the customer is also important. If an MSSP is informing customers of new threats and working with them to patch vulnerable systems and remediate security alerts, it’s a good sign they’re ahead of the game.”
This article was provided by Jolera for commercial purposes.
Published at Mon, 22 Apr 2019 16:53:25 +0000