Ways for MSSPs to Survive in the New Infosec Age
Adi Dar | May 02, 2018
Over the course of the last few years we have watched the cybersecurity reality change dynamically in front of our eyes: multi-vector attacks are increasingly common, fileless attacks are presenting new detection challenges, and ransomware can now not only lock a workstation, but propagate across the organization and disrupt the entire operation. These and other emerging threats have changed the way we think about and practice cybersecurity. As a result, the role of cybersecurity organizations has become significantly more complex and challenging.

However, more than anything else, we are experiencing a dramatic increase in the shortage of skilled cybersecurity professionals. This shortfall has become the number one obstacle for CISOs in establishing an effective cybersecurity operation. To solve the problem, many organizations are outsourcing their entire Security Operations Center (SOC). This trend is driving explosive growth of the managed security service provider (MSSP) market.

Driven by fierce competition, MSSPs are seeking new and innovative ways to expand their offering and solve more pieces of the cybersecurity puzzle for their customers. Many of them are expanding from perimeter security and managing devices to managing threats and providing hunting, incident response (IR) and managed detection and response (MDR) services.

As MSSPs strive to remain competitive in this shifting landscape, they are faced with many challenges. For example, MSSPs have to deal with multiple security vendors and integrate them into their technology stack. Today, most traditional MSSP IT customers manage some level of OT assets, ICS networks, and IoT assets. Attackers have more ways to penetrate the organization, and they traverse these environments to locate critical assets, resulting in an expanded and converged attack surface. MSSPs also work with anywhere from dozens of customers, for the smaller providers, to thousands for the large MSSPs. They are managing tens of thousands of events per day, even more in some cases!