One word that best describes today’s cybersecurity landscape is: complex. More attack surface to manage, more information to secure, more networks to protect and more sophisticated threats to deal with is presenting immense challenges in front of security leaders. This ever-growing complexity of threat landscape is compelling leading organizations to outsource the massive task of efficiently ensuring their enterprise security to Managed Security Services Providers (MSSPs).
From 24x7 coverage, access to skilled professionals and advanced tools and intelligence to reduced cost on account of decreased in-house security operations, MSSP model brings in many game changing advantages for organizations. Given this, Managed Security Services (MSS) market has been witnessing a steady rise. According to a report from MarketsandMarkets, total addressable market for MSS will grow from USD 24.05 billion in 2018 to USD 47.65 billion by 2023. On similar lines, Allied Market Research forecasts global MSS market to reach USD 40.97 billion by 2022.
With cyber threats rapidly evolving in nature, MSS space is also witnessing inclusion of advanced technologies and techniques to stay ahead of potential attacks. As we enter 2020, let’s take a look at five most significant trends that will shape the MSS market:
Increased use of automation: Organizations will partner with providers that employ orchestration and automation, wherever possible, to improve detection and response. Automation will be majorly used for identifying and responding to the volume of attacks even as it helps in filtering out false positives to support security analysts. This will help analysts to focus just on relevant data and alerts instead of deluge of threat and security data from tools, such as SIEM. Use of case management solutions in conjunction with automation tools will help codify response models into playbooks that can be executed by less experience staff and still increase the quality of incident resolution. A key reason why organizations will prefer providers using security orchestration and automation is it will improve customer experience in terms of visibility by providing and improving metrics, such as mean time to detect, response time and number of incidents resolved, etc.
Gaining additional visibility and using behaviour-based detection: With data assets spending a lot of time in transit, attack surface widening, and threats getting more sophisticated, more and more organizations are realizing the need to improve the visibility into their environments. In 2020, expect more thrust on proactive security techniques, such as analytics and behaviour-based detection to predict, detect and prevent breaches, fraud and insider threats before any damage. Organizations will opt for MSSPs with the capabilities and expertise in behaviour-based analytics. End point data, User data, email security, network flows etc will continue to be integrated with behaviour-based analytics to effectively identify suspicious network activities, correlate data, spot policy violations and remediate threats in real-time.
Organisations will take an outside in approach: It has now become an accepted paradigm that the organisation has been or will be breached, no matter the preventive and detective solutions in place. This had shifted focus to detection and response activities to identify and eliminate any persistent threats. To complement this approach, organisations will also take a more proactive, outside-in approach, to identify any leaks that have already taken place and are actively being discussed and/or traded on darkweb forums. Monitoring the darknet for early warning signs of malicious actor activity and identification of potential breaches will be high on the list of CISOs in 2020. Such targeted, private threat intelligence will add superior quality and context to the overall SOC operations for faster detection of threats. Apart from this, organisations will also engage in identifying cloud based assets that have escaped the IT team and have started creating a ShadowIT problem for the organisation.
Access control gets stronger: Insider threats have long remained the weakest link in an organization’s security strategy. Given this, there is a need for stricter access control systems where everyone is verified even those already inside the network perimeter. In this regards, zero trust security model—which micro segments and shifts the perimeter of the network from external borders to the actual endpoints, systems, and users—is being increasingly recognized as a powerful method. In 2020, zero trust architecture will gain further prominence to gain visibility into activity across users, devices, networks, applications and data.
Cloud-based MSS continues to gain traction: Offering the cost advantage of pay-as-you-go model, 24/7 management, fast response time and complete ownership of network performance and management, cloud-based MSS has emerged as a preferred model for organizations. In 2020, the multi-tenant cloud model will gain further popularity due to its advantages of providing wider security, 24x7 support and access to skilled security professionals at a much lower price point. SMBs which generally have budget constraints and organizations with comparatively lower compliance requirements will continue to tap into the advantages offered by this model. On the other hand, verticals dealing with sensitive customer data (banks, telecoms, etc.,) and strict compliance requirements will look at co-managed model. Another key factor that will contribute to growth of cloud-based services is the fact that cloud environment lets organizations future-proof their data centers to be prepared to easily accommodate changes in technology. Ability to scale up and down security services is another big plus of cloud-based managed security.
With new cyber threats emerging every day and the stakes getting higher, MSS providers will be active on delivering innovative offerings. More and more organizations will look to partner with MSSPs that offer customized managed services and model designed to meet an organization’s data protection, compliance and IT security requirements. NTT-Netmagic provides customers with a wide portfolio of on-premise and cloud based services which enable organisations to build and deliver a robust IT security roadmap.