Intellyx BrainBlog for Securonix, by Jason English
Comprehensive, proactive, responsive security practices were once the exclusive realm of larger companies and government institutions, with the capital and personnel to invest in running SecOps control rooms staffed with security experts.
Fortunately, those centralized control days are long gone. We are erasing the borders around the corporate datacenter and moving most of the applications we rely on outside of the four walls of the business.
We’ve seen the rise of SaaS-based solutions like ServiceNow, Office 365, Google Apps and Salesforce, as companies replaced the on-premises operations software and IT infrastructure that used to support core business functions. Businesses are perfectly comfortable offloading IT functions to on-demand services.
Now security is ready for adoption in this service-based, pay-as-you-go model. In a distributed computing environment where the network edge is literally anywhere, how can such a change be made without introducing unacceptable risk?
The next frontier: Service-based security
We’ve seen that most companies, especially in the SMB or mid-sized profile, will naturally avoid the model of owning and maintaining software in-house wherever possible, and IT security is no exception. After all, why should a company staff up with additional costly and hard-to-find security professionals to deal with an increasing load of alerts and updates, if cybersecurity isn’t their core business differentiator?
Still, security is such a critical function, and so rife with risk in today’s threat-filled world, that no company can afford to leave their apps and data open to attacks while attempting to offload security, nor wait for a long transition period to self-implement a modern security platform.
At such times we are seeing companies turn to skilled third party IT service partners, or managed security-as-a-service providers (MSSPs) who can help the company punch above its weight in security at higher cost efficiency.
The MSSP offers the company a turnkey service, backed by transition experts with knowledge earned in previous security projects, arriving with the appropriate security platform in hand. The partner also provides additional support after the transition to reduce the employee hassle and overhead of managing and remediating security alerts.
Under this new procurement model, companies can move from a brittle, self-managed security perimeter into a modern, SaaS-based security approach backed by specialists — while simultaneously reducing cost and risk. Why does this work out so smoothly?
Paving the way for the MSSP
MSSP partners might call themselves solution integrators, or cloud service partners (CSPs) but they all share a common desire to bring the most current and updated security tools to bear on their client accounts.
But these partners don’t want the risk of paying up-front costs for security tooling, unless the tools are being engaged for paying clients. This is why an on-demand, cloud-based SIEM (security information and event management) platform like the cloud-based model offered by Securonix makes economic sense, as pricing can be adjusted on a pay-for-what-you-use basis…
Read the entire article on the Securonix Blog here: https://www.securonix.com/security-as-a-service-making-managing-a-complex-threat-environment-look-easy/
©2019, Intellyx, LLC. Intellyx retains full editorial control over this content. At the time of writing, Securonix is an Intellyx customer. Image credit: Michael Coghlan, Security Olympics, flickr (bluefug composite).