W
FEATURE
Whatever their size, every enterprise
needs an IT security solution that
offers as much protection as they can
afford. However, with various competing
priorities for inward investment and
limited resources, organisations need to
be savvy about how they allocate their
cybersecurity spend to make it go further
and get more ‘bang for their buck’.
Matt Walmsley, EMEA Director at AI
threat detection and response company
Vectra, and Grant Paling, Head of
Managed Services at SecureLink, a
Managed Security Service Provider
(MSSP), discuss how to get the most
cost-effective, valuable security solution
on a tight budget.
What kind of security capabilities
are organisations outsourcing
to MSSPs?
Vectra: Organisations are increasingly
transforming into ‘digital businesses’,
where almost all of their operations
are conducted online – documents
created, stored and edited in the cloud,
communications via email, meetings held
over Skype or Zoom.
This creates a greater attack surface
for cybercriminals, yet businesses have
limited time, money, people and skills with
which to secure their operations. Then
there is the fact that the threat landscape
is continuously changing and data
privacy regulations are getting tighter.
To cope with these challenges, many
businesses are outsourcing various
security capabilities to MSSPs, but they
need to look at whether these are the
right ones to outsource.
Matt Walmsley, EMEA Director at AI threat
detection and response company Vectra
www.intelligentciso.com
|
Issue 16
Grant Paling, Head of Managed Services
at SecureLink
functional SOC and having modular
solutions that will fill the gaps where
needed has become massively important.
What advice do you have
for creating an effective IT
security system?
Vectra: Do the basics first and do them
well. This includes perimeter security
(firewalls), access controls (MFA)
The most common
way is to assess the
current operating
state, develop a
target operating
model and then
analyse where the
gaps are.
SecureLink: Companies are still
outsourcing activities such as managed
firewall, IDS/IPS and content security
to MSSPs. However, a far greater gap
in skills has emerged in the area of
Managed Detection and Response (MDR)
and other activities commonly undertaken
by a Security Operations Centre (SOC),
such as vulnerability management and
advanced endpoint protection. and end point controls (AV/malware
defences). Don’t forget about users
– they’re your biggest attack surface
and first line of defence, so ensure
you do regular security training with
them, embed security into the business
culture, rather than just seeing it as an IT
or ‘technology’ issue.
Many customers just do not have the
time, money or experience to build a Next, look to mature your security
posture with detection and response,
49