WHITE PAPER. Managed Security. Five Reasons to Adopt a Managed Security Service

Transcription

1 WHITE PAPER Managed Security Five Reasons to Adopt a Managed Security Service

2 Introduction Cyber security presents many organizations with a painful dilemma. On the one hand, they re increasingly vulnerable to a fast-growing range and number of cyber breaches and exploits. On the other, they lack the funds, manpower and expertise to mount adequate defenses. On both fronts, managed security service providers (MSSPs) can help. How bad is the problem? Pretty bad: Over the last two years, more than 35 percent of companies suffered at least one material or significantly disruptive security exploit or data breach, finds security consultancy The Ponemon Institute. The average total financial impact for each incident was a serious $3.4 million. As a result, more than 70 percent of executives surveyed by Ponemon now consider cyber risk to be among their top 10 business risks overall. And more than 60 percent of executives in a wide range of industries say data theft and cybercrime represent the greatest threat to their organizations reputations, finds another survey, this one conducted by Frost & Sullivan. Among retail industry CEOs, 97 percent say managing data security is at the top of this year s priority list, finds Forrester Research. MSSPs help by remotely monitoring, managing and augmenting your IT security functions. These functions are delivered to you as shared services, not from your own premises, but from a remote security operations center operated by the MSSP. Not surprisingly, demand for MSSP services is growing. Gartner says the overall global security-outsourcing market brought in revenue of $7.9 billion during 2014, and the research company expects that figure to grow at an annual growth rate of just over 15 percent through More specifically, spending on managed security services in North America should grow from $1.1 billion in 2010 to $3 billion in 2018, predicts Frost & Sullivan (Figure 1). $4 $3.0 $2.5 $2 $1.1 $1.5 $2.0 $ (in billions) Fig. 1: Managed Security Services Revenue in North America - DATA: Frost & Sullivan, July

3 While MSSP offerings vary by supplier, they most commonly include managed firewalls, intrusion detection, security information and event management (SIEM), virtual private networks and vulnerability scanning. To bolster your defenses over time, some advanced services also combine big data analytics, machine learning and human expertise. Some MSSPs also offer professional consulting services, including security audits, compliance and penetration testing. Here are five important reasons why your organization should consider working with a managed security services provider, as well as what to look for when selecting a provider: Reason No. 1: Cost Control Providing your organization with comprehensive security monitoring, detection and blocking is a massive effort. It s also very, very costly. Working with a managed security service provider can help you control those costs. For example, Masergy s unified security platform has been proven to offer savings of up to 60 percent savings in a variety of security areas. MSSPs enable these cost savings by reducing your capital expenditures, staffing and training needs. What s more, when your enterprise IT teams work with MSSPs, they can increase their own efficiency by focusing staff on strategic initiatives and letting the service provider focus on time-consuming tasks, such as security monitoring and analysis. In addition, you no longer need to provide all the manpower and skills yourself. Instead, you can utilize a services provider s staff on a continuous or as-needed basis. Compared with hiring additional in-house staff, it s less costly, requires no training, doesn t involve adding expensive real estate or computer systems, and lowers your personnelmanagement load. Reason No. 2: Access to Expertise IT security is increasingly complicated, demanding and important. But building an in-house staff of dedicated IT security experts, and keeping them trained on the latest cyber exploits, is both time-consuming and costly. For many organizations, it s simply too expensive. The result? Many organizations are running with too-few security staff. As Daniel Kennedy, a research director at 451 Research, writes: There simply aren t enough in-house personnel to do all the things an enterprise needs to do to stay ahead of the information-security curve. Indeed, more than 55 percent of information-security executives believe they have too few information-security staff, finds a Frost & Sullivan survey (Figure 2). 3

4 10%: Don t Know 2%: Too Many 32%: Right Number 56%: Too Few Fig. 2: Does your organization have the right number of information-security workers? - DATA: Frost & Sullivan, July 2013 The MSSP model helps by empowering your organization benefit from the shared knowledge and skill of the service provider s dedicated security experts. MSSPs provide not only proprietary technology and expertise, but also control and oversight of security systems, measures and countermeasures. Their staff experts are highly trained, have extensive industry experience, and are certified by reputable security industry organizations. And the best providers offer their services on a 24x7 basis, so you re covered night and day. Masergy s certified security professionals have won both industry awards and customer praise for their advanced approach to cyber security. They re trained to understand the unique requirements of your networks, and bring muchneeded insights and advice when your security is at risk. Reason No. 3: Access to Innovation The bad guys are moving fast, coming up with new ways to compromise your networks and data. To keep them at bay, you need monitoring and incident response capabilities that are agile and responsive. MSSPs can help by offering innovative services and approaches. For example, Masergy s Unified Enterprise Security service combines the power of machine learning, big data analytics and human expertise. That gives us the ability to monitor, learn and predict where your next security incidents will come from. Certified security experts in Masergy s Security Control Center work in harmony with our patented Unified Enterprise Security technology to identify, investigate and identify threats before they cause harm. 4

5 Here s how it works: Masergy s patented adaptive behavioral analysis system analyzes every packet to build normal network behavioral profiles for your networks. It then retains and continuously enhances that knowledge over long periods of time. With this information, Masergy can then build a behavioral profile and deploy unique methods to detect and thwart hacker reconnaissance activity prior to an attack. In addition, Masergy continuously adapts to your network activity. Leveraging our patented behavioral analysis and correlation software, you get better predictive and proactive threat data. The potential for an intrusion is discovered earlier, and at a more detailed level. This enables your security team to enact more specific countermeasures before the threat causes material harm. The cloud is another essential component of any MSSP offering. This innovative technology allows MSSPs to offer security services remotely. It also means that you don t need to acquire new technology, or data centers in which to run it. And perhaps the biggest advantage is that updates, patches and other innovations can be delivered quickly and with little to no effort on your part. Reason No. 4: Information from Multiple Sources Cyber attacks can enter your networks from a wide variety of sources, including but certainly not limited to the public cloud, , websites and employee devices. Similarly, the attacks themselves can take a wide variety of forms, including data theft, denial of service attacks and malware. Advanced Persistent Threat Attacks Initial/Zero Day Attacks Backdoor / Remote Access Lateral Movement on Network Data Gathering / Exfiltration Cover Tracks Targeted Attacks IRC Botnet Reconnaissance Proxy tunneling Logs editing Phishing Malware Social Engineering Vulnerable Services Software Flaws Logic Bombs Command & Control Kernal User Mode / Rootkits BIOS Malware Microcode malware Scanning Vulnerable assets discovery Sniff network Files, databases Password cracking SQL injections Hidden data streams (NTFS) Covert TCP channels (Loki) Reverse WWW shells Steganography techniques Log/Accounting clearing Use of proxy channels Clear shell history VM detection 5

6 That s why it s so crucial that your organization be able to not only collect information alerts from multiple points, but also provide a holistic view of your threat landscape. This multisource analysis, in turn, can lead your organization to implement actionable insights that make your networks, systems and data more secure. To ensure you get information from multiple sources, Masergy s enterprise security architecture extends from onpremises environments all the way to the public, private, and hybrid cloud solutions. What s more, Masergy s simpleto-install security platform enables our industrial-strength security services to share and correlate massive amounts of data over long periods of time, identifying stealth reconnaissance activity within your networks and then blocking data thefts and other cyber attacks. Masergy s adaptive, predictive technology for public, private, and hybrid environments delivers a wide range of powerful features, including: Unlimited scalability Full regulatory compliance with industry and government standards Zero network latency with 100 percent passive technology Unified administration, monitoring and reporting that offers comprehensive compliance reporting, weekly and summary reports, and an integrated network security ticketing system Continuous monitoring from certified security analysts with real-time visibility, control and oversight of your organization s entire security environment Up to 60 percent savings in security-related capital expenditures, training and staffing Unparalleled unified security anywhere, anytime 12%: Decrease Reason No. 5: Professional Consulting Services Unfortunately, the risk of cyber attacks and breaches isn t going away. In fact, new threats appear almost daily, as do new ways to fend them off. Nearly 90 percent of cyber risk executives recently surveyed believe their organizations cyber risk will either stay the same or increase over the next two years (Figure 2). Regulations and rules change frequently, too, making compliance a continual and complicated challenge. 36%: Stay Same 52%: Increase Fig. 3: Over the next two years, will your company s cyber-risk exposure increase, decrease or stay the same? - DATA: Ponemon Institute, April

7 That s another reason why working with MSSPs can be so helpful. Leading service providers can provide your organization with cutting-edge security consulting services. By auditing your security posture and ensure compliance with regulatory requirements, MSSPs security consultants can offer services that help your organization in three important ways: Remove blind spots: Identify previously unknown gaps in your security management, then implement actionable remediation strategies and processes to keep your organization safe and secure. Keep current: Leverage the latest best practices honed on today s most secure networks, keeping you at security s cutting edge. Stay compliant: Test, assess and stay in compliance with various regulatory compliance requirements, freeing you to focus on other strategic goals. Also, Masergy offers a full spectrum of professional security services. These include: 360 Living Security Audit, a comprehensive, deep-dive audit of your IT infrastructure; compliance testing; penetration testing; and risk management, which includes security audits and gap analysis. Conclusion Managed security services providers offer a powerful, compelling option for IT security executives stretched to the limit and looking for new solutions to their cyber security risks. Working with an MSSP allows your organization to enjoy the many benefits of the cloud including lower, more flexible costs while also benefitting from your service provider s expertise, staffing and technology. That lets your IT staff to focus on your core business, and your staff to work on IT projects that help the organization pursue its top business goals. The Masergy Unified Enterprise Security solution is designed to extend all the way from on-premises subsystems to the private, public and hybrid clouds. Its single, integrated architecture offers a patented approach to network behavioral analysis and correlation, delivered as a 24x7 managed service. What s more, the Masergy solution spans your network from the premises to the cloud, correlating threat information across all existing enterprise security systems. This empowers you to predict, detect and defend against threats before they emerge. And Masergy combines human monitoring with our advanced big data analytics and machine learning. In an increasingly perilous world, working with an MSSP is a powerful way to stay safe and secure. Contact a Masergy representative today: US +1 (866) MASERGY ( ) EMEA +44 (0) Masergy Communications, Inc.