The cybersecurity talent crunch is putting the squeeze on enterprises of all sizes. There just doesn’t seem to be enough expertise to solve the cascade of digital security woes enterprises face or to manage their high-intensity solutions like SIEM or EDR. It is no surprise, then, that so many enterprises are turning to managed security services providers to help them fight off hackers and insider threats alike.
But what does your enterprise face in cybersecurity that requires the intervention of managed security services providers? What resources can these vendors provide? To answer these questions and more, we turned to Tyler Hardison, CTO of managed security services provider Redhawk Network Security. Here’s our conversation, edited slightly for readability:
Solutions Review: Speaking as a Managed Security Services Provider (MSSP), where do enterprises need the most cybersecurity help? Where are they faltering the most (SIEM, risk assessment, etc.)?
Tyler Hardison: A lot of organizations are struggling to stay ahead of the current and latest threats. What we’re finding is that most IT managers are focused on uptime and prioritize the availability of systems, often relegating security to budget line-items. What happens is IT managers are continually implementing new solutions to address single issues, often only partially implementing new solutions. This, then, increases the complexity of their environments. With this complexity, the ability to effectively manage the entire security landscape becomes impossible.
Other organizations are fatigued and/or unaware of the threats their business faces. These organizations are taking an almost hands-off approach to security by relying on “we’re too small to be a target” or “we don’t deal with sensitive information” stances.
In both situations, there is a lack of clear understanding of business impacts, such as an attack on their infrastructure and/or data assets.
SR: Following up with that, what issues do managed security services providers run into in trying to help enterprises improve their cybersecurity platforms? What programs do they not understand or not wish to implement, if any?
TH: It depends on the enterprise. Information Security practitioners are often stuck in the position of explaining the deeper risks to their business. For some, this information isn’t necessarily welcome, particularly if they do not have the knowledge, expertise, or existing infrastructure to implement the needed changes. For others, the information is welcome, but they don’t know where to start.
In most cases, breaking down the problem into risk levels and tackling the highest risk first is our most common recommendation. For example, what is the most pressing risk to your organization? Is it protecting a database full of client information? Start there and determine what layers you can put into place that will protect that information.
SR: Are small-to-medium businesses (SMBs) more at risk for lacking cybersecurity resources or becoming overwhelmed? Or is that a misconception?
TH: Everyone is equally at risk, but not everyone is equally equipped to combat the problem. Another issue exists where companies in more rural areas, or away from technology centers, find they have a lack of a talent pool from which to hire.
In these cases, SMBs find themselves at a disadvantage against their peers in larger markets. Even in the technology markets, cybersecurity professionals and senior engineers command high salaries that they simply cannot budget for. The good news is: the smaller the enterprise, the easier it is to secure.
SR: What can managed security services providers offer stressed-out enterprises?
TH: Managed security service providers help by concentrating large talent pools and spreading the cost amongst their subscribers. Most SMBs do not need to be fully staffed across all domains and can instead leverage a shared model with other enterprises to reduce the overall cost of their cybersecurity program. When you choose a managed security services provider, that provider is also focused on the expertise an organization needs and training talent to meet those needs.
Additionally, you now can leverage knowledge gathered from the support of organizations that may not even be a part of your organization’s expertise. This means you get best practices and experience that not only meet your needs but will often exceed them.
Thanks again to Tyler Hardison of Redhawk Network Security for his time and expertise! As Chief Technology Officer at Redhawk Network Security, Tyler Hardison, CISSP, PCI-QSA, plays a key role in leading new product strategies and initiatives, and is responsible for developing technology solutions and service offerings for clients. With his extensive knowledge of evolving cybersecurity threats, Tyler leads the development and execution of secure information technology environments for organizations of all sizes.