Given the news headlines, that’s not too surprising. Take the recent announcement from Yahoo, for example. Last month, the company disclosed that data was stolen from over a billion user accounts in 2013 by a “state-sponsored actor,” exposing personal customer information. And think about the recent indictment of three Romanian nationals for their role in a widespread cyber fraud scheme that compromised at least 60,000 computers and resulted in the theft of at least $4 million. These are only two examples of the threats we face in our industry. But both of them illustrate the craftiness, sophistication, and success of today’s cyber criminals.
Fighting back requires a different approach. Prevention-only strategies simply aren’t effective against today’s advanced threats. Thus, security professionals are combining preventative measures with more “detect-and-respond” capabilities to improve their security defenses. And that’s a strategy supported by many in the industry. In a press release last August, Elizabeth Kim, senior research analyst at Gartner, said this in reference to the strategy: “We strongly advise businesses to balance their (information security) spending to include both.”
How Do Managed Security Services Help?
Managing the daily operations of IT, while staying abreast of the latest cyber threats, can be overwhelming. Cyber crime is an organized industry. Threats continue to evolve and mature. There are myriad federal, state, and local security regulations to comply with. And cybersecurity talent is scarce.
In today’s business world, security is more than a technology challenge; it’s a brand issue. And in some cases, a marketplace survival issue. According to data reported by the National Cyber Security Alliance, 60% of small businesses fail within six months after experiencing a significant cyber breach. It’s no wonder IT leaders feel so much pressure.
Managed Security Services can help relieve some of the pressure. By combining much-needed cybersecurity knowledge, talented resources, and effective technology tools, Managed Security Services help IT leaders optimize their security program by taking over several critical security functions, such as:
Security log monitoring
Monitoring security logs can be burdensome for short-staffed internal teams. But the activity is essential for a “detect-and-respond” strategy and required for compliance with PCI DSS, HIPAA, SOX, and other regulations. Performed well, security log monitoring detects anomalies within log files 24/7 and automatically generates alerts for further action, which helps to identify and contain malicious activity before widespread problems occur.
Security log management
Security regulations mandate that logs are not only monitored but also retained. Storing logs safely and protecting them from manipulation requires separation of duties, robust controls, and dedicated staff.
Vulnerability management
Gartner predicts that, through the year 2020, “99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year.” Knowing vulnerabilities exist and doing something about them are two different things. An effective vulnerability management process not only scans to identify vulnerabilities but also tracks and manages the remediation process to ensure known exposures are resolved and not ignored.
Fully-staffed Security/Network Operations Center (SOC/NOC)
Maintaining a 24/7/365 operations center to monitor activity, detect anomalies, and remediate issues is a critical part of any security strategy and requires the right mix of skilled engineers, good processes, and effective tools for it to be successful.
Without question, cybersecurity is complicated, and the security product and services landscape continues to change. Existing offerings are maturing, expanding into new areas and broadening current capabilities. And data analytics and machine learning are taking automation and threat intelligence to new levels. It’s a lot to keep up with, which is one reason navigating the realm of security can be such a challenge. But help is available. Leveraging the security talent and expertise from a trusted partner could make a big difference.