Ransomware Drives Demand for Managed Security Services
Overstretched IT And Security Teams Are Outsourcing Detection, Response And Other Critical Cybersecurity Functions.
Key Points
- Organizations are increasingly turning to managed security services to strengthen their cyber defenses against mounting ransomware.
- Proliferating services of increasing sophistication combine automated monitoring and managing of threats with artificial intelligence and expert analysis.
- The next challenge: choosing among all the available options.
Few organizations can afford to mount an in-house team to defend against every cybersecurity risk, especially when threats such as ransomware are multiplying. That’s why half of organizations have turned to managed security services, according to Osterman Research, while another 20% say they hope to. As demand grows, the universe of managed services is expanding, presenting in-house security teams with the challenge of finding the right fit.
Managed Security Services Proliferate
Managed security services may cover a specific application or system or provide a more comprehensive solution, such as an outsourced security operations center (SOC-as-a-service). Within that range, offerings may cover email, firewalls, endpoints, virtual private networks and Internet of Things (IoT) devices. Point, integrated or full-service solutions are available to address patching, scanning, threat intelligence, vulnerability assessments, antivirus protections, predictive analytics, security information and event management (SIEM) and intrusion detection, response and remediation.
The managed security market has experienced double-digit growth over the past five years as services have matured, according to IDC.[1] Managed security solutions are run from remote SOCs, using both automated and hands-on procedures. Managed detection and response (MDR) capabilities are a subset of managed security services that is currently attracting attention as one of the more sophisticated offerings — going well beyond security event monitoring to provide contextual analysis, investigation and decision-making support.[2]
For example, Mimecast’s threat remediation service handles the growing volumes of suspicious emails that are reported by organizations’ employees — often overwhelming their security teams. The service uses threat intelligence, purpose-built tools and machine learning-powered automation, as well as drawing on a team of email security analysts, for the following tasks:
- Intaking emails reported as suspicious.
- Digitally inspecting and comparing emails against the latest threat intelligence.
- Prioritizing and triaging the risks automatically.
- Conducting hands-on, expert analysis of high-risk emails.
- Remediating malicious emails.
- Notifying the IT/security team and employee who reported the issue.
Mimecast also works in partnerships with other managed service providers that integrate its email security solutions.
Providers of managed security solutions can be as varied as the types of services, with Gartner’s market guide including:
- Pure-play security vendors.
- Telecom providers.
- Systems integrators.
- IT outsourcing companies.
- [3]
After an Attack: Managed Incident Response Services
Another type of solution, known as a managed incident response service, addresses an organization’s needs for restoring business operations and otherwise handling the fallout from a successful attack. Osterman’s research shows 38% of organizations contracting for such services today, while another 26% expect to.
Instead of organizations keeping ransomware response professionals on staff in case of a successful ransomware attack, these services give organizations access to specialists who routinely deal with matters such as negotiating ransoms for their clients. In addition to some of the providers listed above, the incident response market includes cyber insurance companies and more specialized service providers.
Why Organizations Turn to Managed Security Services
The current wave of ransomware attacks has added to the already full plate of security teams dealing with email fraud, compliance and other cybersecurity matters. Among the reasons organizations are buying managed security solutions are:
- A complex and expanding threat surface.
- Mounting privacy and security regulations.
- Frustration about the frequency and success of cyberattacks.
- A shortage of cybersecurity professionals.
- Difficulty managing multiple security systems.
- A high volume of alerts.
- The inability to focus on strategic security operations.
- The need to rapidly increase security maturity.
- A potential reduction of costs.
Tips for Choosing Managed Security Solutions
Amid a large and varied array of services and providers, experts advise organizations to choose carefully, considering the following guidance:
- Prepare ahead of the selection process, with well-defined security needs, compliance requirements and use cases.
- Focus on outcomes rather than technologies.
- Understand how your team will work with managed service providers to make the most of their deliverables.
- Ensure integration with your current cloud and security solutions.
- Use best practices in third-party risk management when vetting a provider and overseeing the engagement.
The Bottom Line
Managed services can be a lifeline for overstretched IT and security teams facing ransomware and other cybersecurity threats. The key is knowing how to choose among an expanding market of services and providers, while planning to integrate the services into your security operations.
[1] “The Next Chapter in Managed Security Services Is About Consolidation,” IDC
[2] “10 Hot MDR Companies to Watch in 2021,” Cybercrime Magazine
[3] “Gartner Market Guide for Managed Security Services,” Gartner
Subscribe to Cyber Resilience Insights for more articles like these
Get all the latest news and cybersecurity industry analysis delivered right to your inbox
Sign up successful
Thank you for signing up to receive updates from our blog
We will be in touch!