Complex IT infrastructures, higher cloud adoption rates, and a myriad of
endpoints resulting from an onslaught of connected devices and sensors are
driving the need for managed security services. In fact, a recent IDC report indicated managed security services will be
the largest technology category in 2019, with firms spending more than $21
billion for around-the-clock monitoring and management of security operations.
The Threat Landscape
One of the
first things companies need to do as they adapt to the changing landscape of
cyber threats, the adoption of hybrid approaches to data storage and the
increased digitization of their IT infrastructures is to understand the threats
that could directly impact them and determine where – and how – to allocate IT
resources. This begins by taking stock of the vulnerabilities within the
organization and areas that are most prone to an attack, including:
- Endpoints, which are an easy target for hackers. They
can be accessed in person or remotely and include normal, everyday tools used
in the workplace such as laptops, cell phones, USB drives, etc.
- Similar to endpoints, emails are a major point of exposure for organizations. All it
takes is for one person to click the wrong link or open a file they shouldn’t,
and the network can be compromised.
- The network, which is the
heart and brain of an organization. It is where all information is stored,
making it a desirable target. It is also the means by which attacks are
launched and targets accessed.
While these are just a sample of the soft spots susceptible to attack, they are a good
representation of areas organizations need to pay close attention to when
evaluating internal and external threats. Vulnerabilities leave organizations
exposed on several levels. The most serious and potentially damaging attack
vectors or threats are those designed to expose and exploit vulnerabilities in
the IT infrastructure. Engineered by hackers, the following attacks are seen
across industries and vary in sophistication based on the target:
- Phishing. This is a very common approach. Hackers send out several emails to
targets with an infected link. They just need one person to click the link.
- Ransomware. Attackers work their way into the system,
either via an endpoint or email hack, and sit in the background for months before acting. They
monitor network behavior to understand where the most valuable information
resides before attacking. Once they attack, organizations lose access to data
and systems and cannot regain access unless a ransom is paid.
- Sophisticated level. These
attacks require a highly skilled hacker and are often state sponsored. These
hackers are very patient and can sit for months, years, in a network looking
for vulnerabilities. They then plan and launch an attack that paralyzes the
- Warshipping. Attackers
arrive via the front door at the enterprise disguised as an e-commerce package
with a tiny device attached to remotely perform close-proximity attacks.
An efficient and effective way to uncover vulnerabilities is to do a risk
assessment of the company’s IT systems. No technology is ever 100 percent
secure, because companies still need to rely on users to do the right thing: be
vigilant against attacks, report incidents, and follow protocol for addressing
concerns. Security is only as strong as the weakest link, which in most
organizations’ cases is the people.
The Solution: Managed Security Services
Similar to the concept of managed infrastructure or managed applications, a managed
security service is one where a service provider (such as SoftwareONE) will
completely manage a single security solution or a combination of them for multiple
customers. Managed security service partners have dedicated resources whose
task is solely to review, assess and take countermeasures against the latest
security threats and attacks being launched against IT users and corporations.
When it comes to overseeing a managed security service, each organization is unique.
Some choose to designate an in-house team member to serve as the point of
contact and supervisor, while others enlist an external resource. In the ideal
scenario, organizations would have a dedicated internal security team, solely
focused on just its own corporation. However, the dearth of skill sets and
their high cost make this prohibitive for all except global enterprises. The
next best solution is a business partner who will manage the security solutions
with a team dedicated to security but leveraging the economies of scale of
supporting multiple customers.
Best practices for selecting the best managed security service start with understanding the risks associated
with the organization. Organizations need to define a strategy that best aligns
with existing business processes and goals. Next, they can draft a policy that
specifically addresses the risk. Finally, they need to apply policies on the
tools. Once they know the problem they’re trying to solve, they can select the
best technologies and providers to help solve it.
Organizations need to be risk-centric. They need to identify vulnerabilities and prioritize
remediation based on potential risks or threats before they select any
technologies or partner for the job.