Intelligent SME.tech Issue 08 | Page 17

intelligent

// TECH TRENDS //

Level Agreement ( SLA ) which will provide a set of contractually agreed services within a specified time frame .
A managed SOC will also handle all staff training and manage scheduling to overcome personal time off ( PTO ) or staff sickness , which are difficult to cover without the use of expensive contractors . The SOC team can also scale quickly to an event and bring in additional expertise to deal with a problem when needed .
Lastly , a managed SOC , like any other utilitybased service can scale up – and down as business needs change . So , for example , if the number of staff declines or a company switches to more cloud-based applications instead of running their own servers , than the level of SOC coverage can also be reduced .
Every rose has a thorn
However , a managed SOC does have a few issues to consider . For larger organisations with mature cybersecurity skills , an in-house SOC may be better while potentially offering a more cost-effective option . Keeping and nurturing expertise inhouse can help build highly skilled teams that are much more adept at understanding their own respective environments .
With a growing number of suppliers across the UK offering cybersecurity professional services of some sort , it can be difficult to judge the effectiveness of any service provider . So , as you would with any other supplier , it is worth doing proper due diligence . A good indicator is to ensure that any supplier is accredited with valid certification to ISO 9001 , an international standard that specifies requirements for a quality management system ( QMS ) that is held by over one million companies and organisations in over 170 countries .
On this last point , it is also worth finding out up front what is covered within any contract . Some services may only include monitoring , but not necessarily fixing the mess left by a cyberattack or ransomware extortion attempt . It is also important to understand that any of these services reduce risk but cannot 100 % guarantee that your organisation won ’ t get hacked – anybody who tells you otherwise – also has a bridge for sale .
Clear and present danger
Unfortunately , as more social and business activities head online , there has been a consequent rise in cybercrime . Ignoring the issue won ’ t make it go away , although small businesses may feel that criminals will choose more appetising targets . The blunt truth is that juicier prey is often better protected and poses more risk of getting caught . And it ’ s not just about the damage to reputations faced by cyberbreaches , the Cybersecurity Breaches Survey 2020 research found that where cyberattacks caused material outcomes within medium and large firms combined , the average ( mean ) cost across the year is an estimated £ 13,400 . With pause for thought , maybe it ’ s time to pull your socks up and do something proactive about your cyberdefences . �

KEEPING AND NURTURING EXPERTISE IN- HOUSE CAN HELP BUILD HIGHLY SKILLED TEAMS THAT ARE MUCH MORE ADEPT AT UNDERSTANDING THEIR OWN RESPECTIVE ENVIRONMENTS .
And more specifically for IT services , a supplier should also have ISO / IEC 27001 , an international standard on how to manage information security . For organisations within the public sector , it is also advisable to work with a registered Crown Commercial Service supplier as this will make contract negotiations , terms and conditions a bit easier to manage .
Intelligent SME . tech
. tech
17