6 New Year Promises for your Security Service Provider

6 New Year Promises for your Security Service Provider

By Tony Velleca

As 2019 is just beginning, we can’t help wondering: What can security service providers expect in the coming year? 

Tony Velleca, CEO of CyberProof, shares his top insights on what is going to be particularly important to clients this year. 

The Year of Integration 

Clients seem to have gotten tired of buying new tools. Instead, they are starting to focus on successfully integrating and deploying their existing investments. At this stage, they are looking to security service providers for help  and expecting them to provide a broader base of services, some of which may be more related to IT services (such as integration, for example). 


A Focus on Roadmaps 

Due to ransomware attacks, many clients have been forced to abruptly redirect their cyber security energies to deal with urgent security issues. But some of these companies are now getting back on track in terms of implementing their security maturity roadmaps. And the time that’s passed has allowed some of them to gain new perspective, such that they are reevaluating their roadmaps more globally. As a result, it’s likely that security service providers will be required to take on broader responsibility for overall cyber maturity. 


Data Overload  and All That Results 

As security teams leverage more and more data to detect threats  based on a zero trust model  they have need to archive data for longer periods. For this, current SIEM solutions are not cost effective, and larger companies are venturing into open source solutions (e.g., ELK) to satisfy their needs. Clients will be seeking security service providers who have greater flexibility in terms of SIEM solutions – and, ideally, who have the expertise and capabilities to manage open source SIEM solutions. 


Security in the Cloud 

As companies move to the cloud, the demands on the security team expands exponentially. Companies are looking now to security service providers to help define their security architectures, and to provide cost-effective means of securing clouds, endpoints, and conventional network environments – all without purchasing additional security solutions. 


Don’t Forget Automation 

Companies are focused on orchestrating and automating portions of incident response to address the shortage in cyber expertise dogging many markets. As a result, security service providers today must include more automation capabilities, as part of their services. 


Flexible Service Models 

Finally, the lack of skills talent is driving firms to look for more flexible staffing models – and to expect attrition. Security service providers may need to take a fresh look at their business models to enable the kind of flexibility that clients are seeking. 




Tony Velleca
Written by Tony Velleca
Tony is CyberProof’s CEO and is CISO at UST Global. Tony previously co-founded and was CTO at huddle247.com, rated by PC Magazine as one of the top virtual workspace solutions in 2000. He previously worked for Boeing and Rolls-Royce, Inc. focusing on conceptual design and optimized propulsion systems for next generation aircraft. He holds a BS degree in Aerospace Engineering from Georgia Institute of Technology and an MBA from University of California, Irvine.

Share this article