Key Considerations for Outsourcing Security
by Brian Dunphy - Director of Global Analysis Operations for Symantec Managed Security Services - Tuesday, 25 May 2004.
Introduction

As last summerís virus attacks vividly demonstrated, companies of every size are finding themselves hard pressed to maintain around-the-clock network security. Arriving nearly simultaneously, the Blaster, Welchia, and Sobig.F worms invaded hundreds of thousands of corporate computers, resulting in billions of dollars of damages and lost productivity. In this new atmosphere, where crippling attacks arrive almost immediately after vulnerabilities are announced, how can enterprises maximize their IT investments and successfully manage security? They can tackle the job with their in-house IT staff, of course, or they can outsource the task to a managed security services provider (MSSP). This article will look at certain key issues for determining when outsourcing security is the best approach to take.

Scrambling to find the resources

One thing the viruses mentioned above made clear is that the changing nature of cyber attacks has turned security into something of a moving target for enterprise operations. Constantly evolving threats relentlessly expose gaps in these companiesí security systems. And that has produced a singular dilemma.

According to research and advisory firm Gartner Inc., at most companies, the staff responsible for IT security functions is also responsible for other activities and spends most of its time on non-security projects. For any resource-constrained organization, the added responsibility of managing security is often just too taxing. Gartner has concluded that in-house teams struggle to understand and defend against the latest security threats because this requires constant system monitoring Ė something that few businesses can afford.

For those IT staffs that take on the task, the challenges are daunting. After all, this normally entails formulating a security policy and implementing firewall, intrusion detection, virus detection, and other security technologies. But even after taking these steps, the challenge remains of how to manage the security effort. Security, after all, isnít static, and enterprises must be prepared to proactively monitor, maintain, and upgrade their network protection.

The bottom line: maintaining the necessary vigilance in these days of ďzero-dayĒ attacks requires significant investments in staff, IT systems, and training.

Selecting an MSSP

The alternative is for enterprises to outsource the management and monitoring of their network security to an MSSP. An MSSP can combine advanced technology with expert human analysis, enabling an enterprise to cost-effectively strengthen its security posture. An MSSP can also provide a level of technology and expertise that ensures rapid response to real threats.

Specifically, a capable MSSP must employ advanced data mining and security event correlation capabilities to enable it to accurately correlate, analyze, and interpret large volumes of network security data in real time. In general, an MSSPís services include timely phone and email access to security monitoring staff and Web access to reports on such things as device status, change requests, and service level performance. Perhaps most importantly, these services enable enterprises to focus resources on their core, everyday business issues.

Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //