Access your Pro+ Content below.
The managed security provider comes knocking
A constantly evolving threat landscape and a deepening skills crisis has more enterprises looking to a managed security service provider for help handling some of their security requirements. The trend is expected to drive strong demand for MSSPs over the next few years, especially in areas like intrusion prevention and detection systems, distributed denial-of-service mitigation, unified threat management and security information and event management (SIEM). Estimates for the overall size of the global market over the next few years range from the low $20 billion to $35 billion. That makes it one of the fastest growing segments in the security industry. What are the factors CISOs need to consider when choosing a managed security provider and what are some best practices for getting the most out of these relationships?
Enterprises have a range of options for using such services, from managed on-premises or managed customer-premise equipment services to fully outsourced, cloud-hosted options. A hybrid security model has worked for Arlington County in Virginia. The local government's security operations center is managed by in-house engineers who inherently know the network and are better positioned to respond to SIEM alerts from the MSSP. "We preferred the hybrid approach because we had the seasoned staff available to perform this aspect of the security practice," CISO David Jordan said. "It's a positive and successful approach, and the results are repeatable."
Much of the managed security provider growth is being driven by the need for increased security and compliance measures at small to medium-sized businesses. In this issue of Information Security magazine, we look at the evolution of the managed security provider and the best ways to handle these partnerships.
Access this PRO+ Content for Free!
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Features in this issue
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'?
The vice president and CISO of ViaWest, Ilg is tasked with keeping the IT managed service provider and its cloud services secure.
Why nation-state attribution plays a major role in the U.S. government's willingness to share cyberthreat intelligence with private-sector companies.
Columns in this issue
Despite increasing levels of specialization, managed security service providers often don't understand the business you're in. That may be changing.
Grassroots efforts to shift cultural thinking in information security have had a positive effect, the former professor of computer engineering says.