Intelligent CISO Issue 18 | Page 50

FEATURE TAREK KUZBARI, REGIONAL TAREK KUZBARI, REGIONAL DIRECTOR – MIDDLE EAST, DIRECTOR – MIDDLE EAST, BITDEFENDER, TALKS US BITDEFENDER, TALKS US THROUGH HOW THE MSSP THROUGH HOW THE MSSP MARKET HAS EVOLVED AND MARKET AND OF WHAT THE HAS MAIN EVOLVED ADVANTAGES WHAT THE MAIN ADVANTAGES THESE SERVICES ARE. OF THESE SERVICES ARE. How has the MSSP market evolved and changed over the years? Several years ago, security vendors were providing remote security capabilities to enterprise customers that were looking to outsource security. This has completely transformed today with almost no resemblance to earlier years. The Managed Security Services Providers (MSSPs) today are much more stable and can be considered as a strategic partner for organisations. Main players in this market are the telecommunications providers, enterprise pure play providers and boutique pure play providers. growing at CAGR of 20.6%. However, the demand for advanced Managed Security Services will continue to rise and is fuelled by a few key criteria: • Cybersecurity skills shortage • The growing need for compliance • Increased cost of acquiring, managing and maintaining ever evolving security products and practices • Scalability What is driving the increased adoption of MSSPs? What are the main advantages of an MSSP? Here are the key challenges that organisations currently face and how MSSPs are able to address them: Focus on core business activities With the increased competition, efficiency and productivity across different industries, most companies are choosing to focus on their core competencies and, as a consequence, they are allocating resources to offer products and services that their customers are looking for. Since the majority of organisations are not in the business of securing their infrastructure, they are increasingly outsourcing their cybersecurity to MSSPs which possess the advanced security skills and the tools needed to achieve that. Skills shortage According to Gartner, skills challenges continue to plague organisations that undergo digitisation, with digital security staffing shortages considered a top inhibitor to innovation. Tarek Kuzbari, Regional Director – Middle East, Bitdefender Monitoring customers’ infrastructure, in real time, against threats to improve security posture, was the main driver for MSSP services. Due to the increase of threat sophistication, the advanced capabilities are now in more demand. According to IDC, the Managed Security Services (MSS) market in the Middle East, Africa and Turkey (META) market will cross US$900 million by 2022, 50 Reports state that the worldwide workforce is heading for a shortfall of 1.8 million cybersecurity workers by 2022 and the industry is not attracting newcomers to fill the gap. This is exacerbated in the Middle East, where organisations typically have smaller IT teams and therefore struggle to keep on top of new threats and technologies. Increasing complexity of compliance British Airways faces a record fine after a website failure compromised the personal details of roughly 500,000 customers. With GDPR, organisations must bite the bullet and invest in cybersecurity solutions that ensure compliance. But this is not easy – firstly, they need to understand the complexity in the legal requirements and, secondly, they need to constantly tweak their security solutions to make sure they are compliant with the most current regulations. Since MSSPs’ core focus is security for clients, they offer comprehensive knowledge of legal requirements and industry standards. Costs With the increase in the number of security solutions needed to provide organisations with a comprehensive security defence, we have seen a corresponding, and arguably exponential, increase in the costs of managing security. Outsourcing security services to a third-party service provider is one of the most significant advantages MSSPs provide. MSSPs tend to have multiple clients, which enables them to achieve economies of scale by spreading the cost of people and infrastructure they use to secure their clients. The increasing sophistication of attacks Intellectual property theft, financial gains and sabotage are motivating cybercriminals to evolve their attacks against organisations. These attacks are far more sophisticated than ever and require robust security frameworks, technologies and tools, management and monitoring capabilities and analysis of threat evolution. Key considerations when working with an MSSP It’s crucial to consider the following criteria when working with an MSSP: • • • • • Technology stack Team expertise Industry knowledge and references Service cost Brand reputation and financial stability u Issue 18 | www.intelligentciso.com