Do You Know Your Managed Security Provider?
It was inevitable: cybersecurity is now a commodity. As hacks and data breaches become ever more common, the industry which deals with those threats has become ever more standardized. Where companies once balked at employing anyone to look at cybersecurity, they now include it as a regular operating expense.
That expense is now being outsourced as providers devise scaled solutions for cybersecurity. These scaled solutions usually offer continuous monitoring of operations on a level that companies cannot or would not do with their own resources. Through monitoring centers around the globe, managed security providers give companies the advantage of constant vigilance and knowledge of emerging threats.
Yet there is a down side to commoditized cybersecurity, and it lies in a lack of familiarity. Unlike other “as a service” offerings in the technology sector, cybersecurity often requires a type of engagement which cannot be kept at arm’s length.
Sometimes there’s a worldwide problem with a worm or a Trojan horse. In these scenarios, a standardized approach is sufficient for most companies. Large scale managed security providers perform as well as any cybersecurity solution would be expected to perform when the problem itself is standardized.
Yet when it comes to more targeted attacks, mitigating insider threats, or mopping up the damage from exploited systems, there is rarely a one size fits all solution. In these cases, it pays to have a cybersecurity provider who appreciates the nuances of your I.T. systems.
This is the technology equivalent of the now-famous 3 A.M. phone call quandary. Who do you want on the other end of the line when something goes wrong – an administrator who has extensive knowledge of your systems and can dive right in, or someone with a generic script based on someone else’s architecture? The aftermath of a breach is not a good time for your managed security provider to be coming up to speed on exactly how your systems work.
Unfortunately, many companies have lost touch with the nuts and bolts of their cybersecurity systems. By using commoditized solutions, they have essentially lost the ability to deal with the most complicated – and hence the most dangerous – problems. In pursuit of greater reach and lower costs, they have reduced their ultimate ability to respond effectively to cyber threats.
This is not to suggest that the commoditization and outsourcing of cybersecurity is likely to go away – just the opposite. Rather, it’s the model of outsourced cybersecurity which matters more and more. The product may be a commodity, but it doesn’t have to feel or act that way.
This is where smaller scale cybersecurity providers make sense. Every cyber solution provider can offer basic level monitoring, analysis, and remediation. But only a provider who takes the time to learn the unique qualities and vulnerabilities of your company’s systems will be able to respond effectively to the needs of those systems. Hackers are looking for the unique weaknesses in every organization’s systems – shouldn’t your managed security provider be unique enough to identify and protect them as well?
ECHO takes the time to engage with its customers on their particular cybersecurity needs. Want to know your managed security provider? Give us a call.