As 2019 is just beginning, we can’t help wondering: What can security service providers expect in the coming year?
Tony Velleca, CEO of CyberProof, shares his top insights on what is going to be particularly important to clients this year.
The Year of Integration
Clients seem to have gotten tired of buying new tools. Instead, they are starting to focus on successfully integrating and deploying their existing investments. At this stage, they are looking to security service providers for help – and expecting them to provide a broader base of services, some of which may be more related to IT services (such as integration, for example).
A Focus on Roadmaps
Due to ransomware attacks, many clients have been forced to abruptly redirect their cyber security energies to deal with urgent security issues. But some of these companies are now getting back on track in terms of implementing their security maturity roadmaps. And the time that’s passed has allowed some of them to gain new perspective, such that they are reevaluating their roadmaps more globally. As a result, it’s likely that security service providers will be required to take on broader responsibility for overall cyber maturity.
Data Overload – and All That Results
As security teams leverage more and more data to detect threats – based on a zero trust model – they have need to archive data for longer periods. For this, current SIEM solutions are not cost effective, and larger companies are venturing into open source solutions (e.g., ELK) to satisfy their needs. Clients will be seeking security service providers who have greater flexibility in terms of SIEM solutions – and, ideally, who have the expertise and capabilities to manage open source SIEM solutions.
Security in the Cloud
As companies move to the cloud, the demands on the security team expands exponentially. Companies are looking now to security service providers to help define their security architectures, and to provide cost-effective means of securing clouds, endpoints, and conventional network environments – all without purchasing additional security solutions.
Don’t Forget Automation
Companies are focused on orchestrating and automating portions of incident response to address the shortage in cyber expertise dogging many markets. As a result, security service providers today must include more automation capabilities, as part of their services.
Flexible Service Models
Finally, the lack of skills talent is driving firms to look for more flexible staffing models – and to expect attrition. Security service providers may need to take a fresh look at their business models to enable the kind of flexibility that clients are seeking.