Intelligent CISO Issue 16 - Page 49

W FEATURE Whatever their size, every enterprise needs an IT security solution that offers as much protection as they can afford. However, with various competing priorities for inward investment and limited resources, organisations need to be savvy about how they allocate their cybersecurity spend to make it go further and get more ‘bang for their buck’. Matt Walmsley, EMEA Director at AI threat detection and response company Vectra, and Grant Paling, Head of Managed Services at SecureLink, a Managed Security Service Provider (MSSP), discuss how to get the most cost-effective, valuable security solution on a tight budget. What kind of security capabilities are organisations outsourcing to MSSPs? Vectra: Organisations are increasingly transforming into ‘digital businesses’, where almost all of their operations are conducted online – documents created, stored and edited in the cloud, communications via email, meetings held over Skype or Zoom. This creates a greater attack surface for cybercriminals, yet businesses have limited time, money, people and skills with which to secure their operations. Then there is the fact that the threat landscape is continuously changing and data privacy regulations are getting tighter. To cope with these challenges, many businesses are outsourcing various security capabilities to MSSPs, but they need to look at whether these are the right ones to outsource. Matt Walmsley, EMEA Director at AI threat detection and response company Vectra www.intelligentciso.com | Issue 16 Grant Paling, Head of Managed Services at SecureLink functional SOC and having modular solutions that will fill the gaps where needed has become massively important. What advice do you have for creating an effective IT security system? Vectra: Do the basics first and do them well. This includes perimeter security (firewalls), access controls (MFA) The most common way is to assess the current operating state, develop a target operating model and then analyse where the gaps are. SecureLink: Companies are still outsourcing activities such as managed firewall, IDS/IPS and content security to MSSPs. However, a far greater gap in skills has emerged in the area of Managed Detection and Response (MDR) and other activities commonly undertaken by a Security Operations Centre (SOC), such as vulnerability management and advanced endpoint protection. and end point controls (AV/malware defences). Don’t forget about users – they’re your biggest attack surface and first line of defence, so ensure you do regular security training with them, embed security into the business culture, rather than just seeing it as an IT or ‘technology’ issue. Many customers just do not have the time, money or experience to build a Next, look to mature your security posture with detection and response, 49