As a SMB, you are vulnerable to attacks, but most likely lack the time and resources to deploy adequate security solutions. While team structures vary at SMBs, we do see some common themes:
- Small teams with no intent on growing in the future or no dedicate security resources
- Teams are made up of generalist with broad responsibilities
- Attempt to balance strategic initiatives with firefighting (security policies, maintaining, etc)
Let's face it, help is NOT on the way. It's expensive and there isn’t enough talent available to solve the cybersecurity quandary. Forrester suggests that the cost of security monitoring is at least $150,000 for two full time employees facing 130 incidents per year. Now combine that with the labor crunch – 3.5 million unfilled jobs by 2021 - means 74% of organizations are impacted by the cybersecurity skills shortage.
Say No to More Tools, Say Yes to Cybersecurity
So do you turn to more products? Unlikely. The security staff shortage means your team is already unable to fully learn or utilize security technologies to their potential. If they are already struggling with current tools, adding more tools is probably not the right approach.
Fortunately there is an alternative option that doesn’t involve buying more tools, but does involve getting leading cybersecurity.
I talked about Security as a Service for SMBs with the ISSA recently. You can listen here.
Bottom line, Security as a Service provides a subscription to specialized security skills so that you can gain access to a large pool of experts without huge upfront costs or additional hires. The service provider implements best practices and pushes these out to their teams. And while the industry doesn’t completely agree what Security as a Service includes or even what to call it, there are few different service models with different emphasis that includes MSSP, managed SIEM, SOC as a Service and Security Agencies, amongst others.
What can you expect?
How can you best understand a cybersecurity-as-a-service provider’s capabilities? Here’s a handy shortlist of questions you can ask:
- Who deploys the technology?
- Is it cloud based?
- Do I need to provide a server? If I do, who maintains it?
- Where is the line between my staff and the vendor?
- Are there out of the box alerts? Are they tuned over time?
- What’s the alert and incident response process? Who responds, what happens and when is it escalated to your team?
- What’s the change request process? How do you add new devices for monitoring? What’s the SLA?
- What’s the process for reporting? Specific searches?
- What tools are included? Does it include vulnerability scanning?
- What are the compliant certifications? Does your provider have their own certifications?
Making the case for Security as a Service
How do you justify Security as a Service to the person who signs the check? Why do you need the provider when they have you? Here are a few ways to make the case:
- Security as a Service is a force multiplier. It gives the business eyes on every alert, 24 hour coverage. It’s a low cost way to multiply the one or two employees in a business into an entire security operations center. It’s a cost saver that makes each person on staff more effective.
- It’s a compliance cost saver. With a Security as a Service solution, you get a fuller compliance checklist than with an in-house team alone.
- It helps replace legacy SIEMs. If you are running a SIEM from the last decade, you might be able to replace it with Security as a Service at the same cost of the existing legacy SIEM maintenance contract.
- It reduces risk. Even if you are doing everything right today with the right security controls in place, there is something to be said for a vendor outside the company helping you to reduce risk. They can help with around the clock coverage, redundancy and provide security expertise. If weighing the cost of Security as a Service with the risk of not having it, often you’ll find that the cost works out in favor of adding a service.
Remember that overstretched team we talked about? A Security as a Service provider takes tasks off their plate to free up time for strategic initiatives. It’s a team sport that delivers predictability and calm.
We're here to help
Cygilant Cybersecurity-as-a-Services is a partnership that extends your team with cybersecurity-as-a-service that overcomes resource constraints, reduces threats and helps achieves compliance. Our main goal is to help you reduce the stress of cybersecurity.