Matt McCormick , SVP Business and Corporate Development , ThreatQuotient , tells us why organisations should now consider managed security services to help address their security needs .

the skills shortage that plagues the cybersecurity industry and which some reports now peg at three million and growing . Organisations lack trained , experienced resources in many areas including expertise in management and monitoring of the infrastructure protecting an environment , incident responders , threat intelligence analysts , security operations engineers and even security leadership . These gaps increase cybersecurity risk for organisations and their key stakeholders , including customers , employees , business partners and shareholders .

No group feels the impact more every single day than an organisation ’ s cybersecurity team . Enterprise Strategy Group ( ESG ) recently surveyed cybersecurity professionals and Information Systems Security Association members about their experiences on the job .

The report , The Life and Times of Cybersecurity Professionals 2018 , concludes that the ramifications of the skills shortage include an increased workload on existing staff , an inability to fully learn or utilise some security technologies to their full potential and the need to spend significant time training junior employees since it is difficult to hire experienced cybersecurity professionals .

When organisations do manage to hire top talent , they experience trouble with retention . Three quarters of survey respondents told ESG that they are solicited to change jobs by recruiters at least once a month . The result ? Salaries , attrition and competition for skilled applicants are soaring .

Outsourcing to a managed security services provider ( MSSP ) or a provider of managed detection and response ( MDR ) services is one of the strategies that organisations are using to close the skills gap while mitigating cybersecurity risk . MSSPs offer 24 × 7 monitoring and management of security devices and systems and are in the position to hire , train and leverage security experts across many different customers . Providers of MDR services focus on detecting threats that have infiltrated an organisation ’ s network , capabilities sometimes not offered by MSSPs .

Both types of services help organisations reduce costs building out their own security operations centre and get the expertise they need to adequately protect their environment . These services are in such demand that IDC predicts global security spending will top US $ 103 billion , with managed security services accounting for the largest category of spending at more than US $ 21 billion .

MSSPs and MDR services will remain an important option for many companies for the foreseeable future , particularly when you consider other factors at play beyond

Matt McCormick , SVP Business and Corporate Development , ThreatQuotient the skills shortage , specifically : a dynamic threat landscape , an ever-expanding attack surface and an increasingly complex security technology environment . Organisations must be able to identify and mitigate the threats most relevant to them and these factors make that task more difficult .

Recognising that security isn ’ t one-sizefits-all , MSSPs and MDR services offer a way for organisations to get the solutions they need from a menu of options . Take for example threat intelligence , which is the foundation for any security operations programme and essential to discovering what is happening in your environment and what actions to take .

If an organisation doesn ’ t have the resources to take full advantage of the capabilities of a threat-centric security

36