MSPs, MSSPs Fill Cybersecurity Talent Gap, Research Finds
Managed security service providers (MSSPs) are filling a huge gap in skilled cybersecurity personnel at nearly nine of 10 organizations surveyed in a new study by security provider Neustar.
Nearly nine-tenths (89%) of security professionals participating in the survey said their organizations had somewhat (45%) or greatly (44%) increased their reliance on external providers due to the ongoing talent shortage. The research was conducted in March, 2022 and consisted of some 300 participants in the U.S. and EMEA.
Most organizations are looking for individuals with cloud security skills (64%), followed by network operations skills (55%) and risk management and application development security skills (both 51%). Slightly less than 30 percent said they were actively seeking to hire for DevSecOps skills.
Slightly more than one in five organizations (22%) said that distributed denial-of-service (DDoS) attacks as their greatest concern, followed by system compromise (20%) and ransomware (17%). All three threats were considered to be rising, the security pros said. The threats that organizations focused their ability to respond to most during this period were vendor or customer impersonation, targeted hacking, and ransomware.
Of the enterprises surveyed in March, 84% reported having been hit by a DDoS attack at some point. The majority (56%) reported outsourcing to MSSPs their DDoS mitigation, and most (60%) said it typically took 60 seconds to five minutes to initiate mitigation.
Here are some additional findings:
- 85% of respondents said accelerating digitalization has created a more difficult security environment for their organizations.
- Although 92% agreed that rushing to implement a digital initiative without fully understanding or addressing potential security challenges is a mistake, more than half (56%) said their organization had done so anyway.
One unexpected piece of data from the survey was the high level of security awareness among the participants, said Carlos Morales, senior vice president of solutions at Neustar Security Services. “Considering that both the enterprise technology environment and the general threat landscape are changing so rapidly, we did not expect such a large majority of respondents — 86% — to state that they understood the security risks to their organization as well as they did two years ago,” he said.
Morales attributed the heightened security awareness to an increased reliance on “trusted external partners” protecting their clients’ “infrastructure, data and people.”