Managed Security Services (MSS)
IT security specialists are rare. How can companies prevent this shortage from endangering their security? The answer can be found in a general trend in IT.
Text: Andreas Heer, Images: iStock by Getty Images, first published on October 15, 2018, updated on January 19, 2021.
There is a double gap in IT security: On the one hand, new forms of attack are constantly cropping up. On the other, there are not enough security experts. The good news is that companies are not helpless in the face of this situation. Managed security services (MSS) enable companies to outsource parts of their IT security to specialised providers, thus bridging the shortage of skilled workers or overcoming it sustainably.
A quick look back suffices to explain why the demands on IT security are increasing: the EU’s General Data Protection Regulation (GDPR) came into force in May 2018. This also affects Swiss companies that work with EU citizens in EU countries. Shortly thereafter, cryptojacking targeted the web browsers of unsuspecting users. Here, cybercriminals use the computing power of a website visitor to mine cryptocurrencies. Phishing and malware-infected e-mails are more or less perennial favourites. What’s more, attacks often target specific individuals or companies.
At the same time, digitisation is increasing infrastructure complexity: What data is stored in which cloud and what should remain on local infrastructure? And what additional security measures does such a hybrid infrastructure require?
Solutions to the shortage of skilled labour are needed for a variety of reasons. Company executives are now acutely aware of the importance of IT security. After all, digitisation and the use of new technologies are also creating new avenues for attack. At the same time, cybercrime is becoming more professional. This is leading to an increase in attacks because only successful attacks pay off. These trends are also being reflected in company budgets: currently, about one-eighth of all ICT spending is on security. According to the ICT security study, this expenditure has increased by about five percent compared to last year.
The most important IT security issue from a business point of view is the protection of corporate data. For IT departments with a more technical perspective, the focus is on protecting the ICT infrastructure and networks.
Companies are increasingly turning to managed security services to compensate for missing know-how. The core of these services is protection against attacks using firewalls, intrusion detection/prevention and web and e-mail security. Threat detection and response services, including security operations centre as a service (SOCaaS), are likewise in increasing demand. There are also business-related services such as data leakage prevention systems, user authentication and digital signature solutions.
Although MSS enables many core areas of IT security to be outsourced and compensates for missing specialists, companies need to rethink their approach if they are to switch from operating the technology themselves to using a service. They must define which processes and security measures can be outsourced and who is responsible for what. In any case, a company needs the know-how to define its own security guidelines and use these to manage the relationship with its security provider.
Why are IT security specialists in short supply?
Cybersecurity is one of today’s hot topics, and its importance continues to grow in the context of digitisation. In addition, the topic has definitely arrived on company boards, and businesses are investing heavily in their own security. Secondly, security is a growth business for service providers. This is leading to a very high demand for suitable specialists – from companies and authorities as well as IT service providers. The demand is therefore higher than the “supply” of security specialists currently available. Security specialists can thus often choose where they want to work.
How can companies react to the shortage of skilled workers?
As always when it comes to the “fight for talent,” companies have to be attractive to employees and offer appropriate perspectives. A security specialist usually wants to work in a place where he is “in the thick of things,” in other words in an interesting environment that can teach him something and thus increase his own market value. Companies should also consciously develop a plan for how and where to find specialists. That is, they must switch to active sourcing.
How can an MSS provider support companies?
An MSS provider can unburden companies by taking on a lot of tasks that are not part of their core skills. In this way, companies can ensure, for example, that their security infrastructure is always up-to-date and available and that they can react appropriately to security events and incidents. Security is a 24/7 topic. This can also be solved elegantly by an MSS provider. Because the provider operates security for many customers, it can also offer a security operation centre as a round-the-clock service continuously staffed by IT security specialists.
What requirements must an MSS provider meet?
Most importantly, a business must trust the provider and the people behind it. The provider’s track record is also very important, in other words, its existing references. These should ideally be in the same industry. In addition, a company should verify how broad the skillsets of the provider’s specialists are. This applies to both security engineering and security operations. Can the provider’s team credibly operate a security operation centre around the clock? Another very relevant factor is compliance with regulatory requirements (e.g. ISO 27011, ISAE 3402/3000, etc.). In addition, it is important to keep abreast of the constantly changing threats and find solutions and/or adapt the security services with sufficient rapidity. This also includes, for example, the ability to provide the services in a public cloud.
What role does Switzerland play in MSS as a provider’s location?
Swiss MSS providers can score points through their proximity to the customer, local service management, local threat intelligence and good network integration. So too can a good understanding of the current and upcoming regulatory requirements in Switzerland and in the various industries. The customer must be confident that he can embark on his digitisation journey together with his Swiss security partner and that this is absolutely strategic for him. Interdisciplinarity is important. By this I mean that the provider can combine measures such as cloud computing, networking, data centres, workplaces and, of course, “masterpiece” security. When dealing with security incidents, it also helps a lot if you speak the same language and are within the same time zone.