New research has revealed some discouraging, though perhaps not surprising, news about enterprise security: Organizations are constantly under attack and struggling to keep up. The natural question: Can MSSPs (managed security services providers) ride in to the rescue?
The security challenge: Firms experience an average of 40 actionable security threats each week, according to an IDC survey sponsored by Splunk, a big data analytics company. Only about a quarter (27 percent) think they are coping comfortably with this workload, while one-third (33 percent) describe themselves as “struggling” or “constantly firefighting.”
Less than half of respondents (47 percent) said their security teams gather enough information about these incidents to take appropriate and decisive action, while 53 percent said their resources are too tied up in routine operations and incident investigation to improve security capabilities.
“The amount of time companies are spending on analyzing and assessing incidents is a huge problem,” Duncan Brown, associate vice president of IDC’s security practice, said in a statement. “The highest-paid, most skilled staff are being tied up, impacting the cost and efficiency of security operations. This is exacerbated when considered alongside the security skills shortage, which has most impact in high-value areas like incident investigation and response.”
The study, “Investigation or Exasperation? The State of Security Operations,” was based on a survey of 600 senior security professionals across the U.S., U.K., Germany, France, Sweden and the Netherlands.
Opportunities for MSSPs
With security teams so overwhelmed, managed security service providers (MSSPs) have opportunities to relieve all that stress, growing their own businesses.
Worldwide spending on security-related hardware, software and services will grow to $101.6 billion in 2020, up from $73.7 billion in 2016, IDC predicts. Security-related services accounted for nearly 45 percent of all security spending last year, while managed security services were expected to generate $13 billion in revenues.
Among the industries making the largest security investments - banking, discrete manufacturing, government, and process manufacturing - managed services are the largest segment of security spending.
Other interesting survey findings include:
- Everyone’s under attack: 62 percent of firms are being attacked at least weekly, while 30 percent are attacked daily and 10 percent hourly or continuously.
- Some industries have it worse: Though the average across all industries is 40 actionable security alerts per week, the finance industry sees an average of 77 and telco averages 124.
- Transparency falls short: Most firms notify the board of a breach at the last possible moment, many only when sensitive data or customer information is compromised, or if notification is mandated.
“It’s time to change how we approach incident response,” Haiyan Song, senior vice president of security markets for Splunk, said in a statement. “As attacks become more advanced, frequent, and take advantage of IT complexity, we must become proactive in our approach to security – how else will we know we have been breached?”
Song recommends companies take an analytics-driven approach, automating when possible so security teams can shorten investigation cycles, respond quickly and appropriately, and free up resources to focus on more strategic initiatives that improve security.