Most organizations worldwide are engaging managed security service providers (MSSPs) to help them meet their cyber security needs, although most wait until they become victims of a cyber attack before hiring an MSSP, according to a new study sponsored by Raytheon [RTN].
“The old cybersecurity concept of defend, detect and respond is insufficient in the face of today’s sophisticated threats,” concludes the study, Don’t Wait: The Evolution of Proactive Threat Hunting. The study was conducted by the Ponemon Institute.
“The current, most effective security concept is detect, isolate and eradicate through an in-house team or with a managed security service provider,” the report says. However, it adds, “Even though the lion’s share of information security leaders agree that MSS is an important part of their overall cybersecurity strategy, most of those are still focusing on commodity prevention-based services and ignoring proactive security.”
For the report, Ponemon surveyed 1,784 chief information security officers and other senior information technology leaders who are familiar with their organization’s managed security services practices, across a wide range of industries and governments in North America, Europe, the Middle East and Asia Pacific.
The report says that 56 percent of respondents use an MSSP and 22 percent say they plan to engage one in the future. Of organizations that aren’t using an MSSP, two-thirds say they would likely engage one if their organization suffered “significant data loss resulting from an IT security incident.”
Of the respondents, 59 percent said they used MSSPs because doing so improves their organization’s security posture, 58 percent said they used these services because of the challenge of recruiting and retaining the necessary expertise, and 57 percent said they suffer from a lack of in-house technologies. The report says that organizations using MSSPs “understand the primary benefits of leveraging external expertise.”
Just over half of respondents say that their MSSPs have found exploited software vulnerabilities that are more than three months old.
The report identifies several barriers to successfully outsourcing security services. It says 51 percent of respondents replied that a “lack of visibility into the outsourcer’s IT security infrastructure is the main hindrance to a successful approach to outsourcing.” Forty-nine percent of respondents said inconsistency between their organization’s culture and the outsourcer is a problem.