Many enterprises outsource their IT security and assume that their cybersecurity operations will be managed well. The security device management services offered by leading managed security service providers (MSSPs) broadly fall into the clusters below:
- Network security services (example: firewall management, IDS/IPS management, WAF management, web proxy management, etc.)
- Endpoint security services (example: anti-virus management, email security management, endpoint DLP management, etc.)
- Security monitoring and incident response (example: SIEM management, EDR management, etc.)
- Identity & privileged access management services (example: authentication services, single sign-on management, etc.)
- Data protection services (example: data classification services, database activity monitoring, etc.)
- Vulnerability management services (example: web application scanning services, penetration testing, etc.)
- Governance, risk and compliance services (example: security awareness services, ISO27K-based audit support services, etc.)
Security leaders need visibility into what they are buying and should put the questions below to their MSSPs.
- Does the MSSP adhere to NIST SP 800-41 (Guidelines on Firewalls and Firewall Policy) for firewall rule-set and policy management?
- What is the process and mechanism for firewall configuration risk reviews (for example, detecting overly permissive, shadowed or unused rules)?
- How well are the security technologies hardened? Do they meet minimum baseline security hardening standards and guidelines?
- What process is used to update IPS (intrusion prevention system) signatures and to decide which rules are enabled? How is that relevant to your business?
- What does the security operations team do with IPS, DLP and WAF alerts?
- Does the security operations team subscribe to threat intelligence feeds and pertinent cybersecurity advisories?
- How does the MSSP ensure that security operations mature over time? What are the metrics and measurements?
- How are service level agreements and key performance metrics tracked, reported and actioned?
- How are the service's continual improvement programs identified and executed?
- Are all the features and capabilities of the security devices enabled and in use?
- Does the MSSP provide cyber risk visibility and recommendations specific to your organization?
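The firewall questions above (default-deny policy in the sense of NIST SP 800-41, and periodic configuration risk reviews) are the kind of thing a buyer can verify rather than take on trust. The following is an added example, not code from the original article or from any MSSP's tooling: a small rule-set review that flags permit-any/any rules, permit rules without logging, rules that are shadowed or made redundant by an earlier rule, and the absence of a final deny-all. The one-rule-per-line export format, the rule names and the addresses are all constructed for the illustration; a real firewall export would need its own parser in front of `review`.

```python
"""Firewall rule-set risk review (added example, not from the original article).

Assumed, simplified rule export (constructed for this example; real firewalls
export richer formats): one rule per line,
    name,action,src,dst,proto,dport,log
where src/dst are CIDR blocks or 'any', proto is tcp/udp/any, dport is a port
number or 'any', and log is yes/no.  Rules are evaluated top-down with first
match winning, as on most firewalls.
"""
import ipaddress
from dataclasses import dataclass

ANY = "any"


@dataclass
class Rule:
    name: str
    action: str   # "permit" or "deny"
    src: str      # CIDR or "any"
    dst: str      # CIDR or "any"
    proto: str    # "tcp", "udp" or "any"
    dport: str    # port number or "any"
    log: bool


def parse_rules(text):
    """Parse the constructed CSV-like export into Rule objects, skipping comments."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, action, src, dst, proto, dport, log = (f.strip() for f in line.split(","))
        rules.append(Rule(name, action.lower(), src, dst, proto.lower(), dport, log.lower() == "yes"))
    return rules


def value_covers(a, b):
    """Field a (earlier rule) matches everything field b (later rule) matches."""
    return a == ANY or (b != ANY and a == b)


def net_covers(a, b):
    """Address field a covers address field b; 'any' covers everything."""
    if a == ANY:
        return True
    if b == ANY:
        return False
    return ipaddress.ip_network(b, strict=False).subnet_of(ipaddress.ip_network(a, strict=False))


def rule_covers(earlier, later):
    """Every packet the later rule would match is already matched by the earlier rule."""
    return (net_covers(earlier.src, later.src) and net_covers(earlier.dst, later.dst)
            and value_covers(earlier.proto, later.proto)
            and value_covers(earlier.dport, later.dport))


def is_deny_all(r):
    return r.action == "deny" and ANY == r.src == r.dst == r.proto == r.dport


def review(rules):
    """Return (rule name, finding code) pairs for the risks a policy review should catch."""
    findings = []
    for i, r in enumerate(rules):
        if r.action == "permit" and ANY == r.src == r.dst == r.dport:
            findings.append((r.name, "permit-any-any"))          # breaks default-deny
        if r.action == "permit" and not r.log:
            findings.append((r.name, "permit-without-logging"))  # no audit trail
        for earlier in rules[:i]:
            if rule_covers(earlier, r):
                code = "redundant-with" if earlier.action == r.action else "shadowed-by"
                findings.append((r.name, f"{code}:{earlier.name}"))
                break  # the first covering rule is the one that matches in practice
    if not rules or not is_deny_all(rules[-1]):
        findings.append(("<end>", "no-final-deny-all"))
    return findings


SAMPLE_RULES = """
# constructed sample policy; names and addresses are invented
allow-web,permit,any,10.0.0.0/24,tcp,443,yes
allow-dns,permit,10.0.0.0/8,10.0.0.53/32,udp,53,no
temp-vendor,permit,any,any,any,any,no
block-telnet,deny,any,any,tcp,23,yes
allow-ssh-mgmt,permit,10.1.1.0/24,10.0.0.0/24,tcp,22,yes
allow-web-host,permit,any,10.0.0.10/32,tcp,443,yes
"""

if __name__ == "__main__":
    for name, finding in review(parse_rules(SAMPLE_RULES)):
        print(f"{name:16} {finding}")
```

On the constructed sample the review reports that `temp-vendor` permits everything without logging, that the later `block-telnet` deny is shadowed by it (so the intended block never takes effect), that two later permits are redundant, and that the policy has no explicit final deny-all. Those are exactly the points a buyer should expect an MSSP's configuration risk review to surface on a regular cadence, with evidence of when each was found and closed.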
Digital Business Requires Tailored Solutions
Modern business models across various industries require tailored security services and solutions, because traditional MSSP service offerings cannot fulfil all of the requirements. Enterprises adopting digital business need to identify the assets that require cybersecurity solutions. These assets could be users, identities, networks, hosts, applications, data and inter-related systems. Organizations need to reconcile budgets with business requirements, and security leaders need to devise cybersecurity strategies based on their organization's business imperatives. The table below lists the business objectives against which the security parameters for a customized solution need to be considered:
Business objectives | Security parameters needing consideration
Adopt cloud-first strategy |
Reduce operational expenditure |
Enhance employee experience |
Machine first service delivery model |
Additionally, security leaders need a clear understanding of, and alignment on, a) roles and responsibilities; b) operational processes; c) tools and technologies; d) metrics and measurements; and e) the governance model required to deliver the security services. Based on these custom-designed security solutions, MSSPs need to give clients visibility of the key cybersecurity risks that are specific to their environment.
Every business is unique in its own way. Adopting tailor-made cybersecurity services, with two-way communication between the enterprise and the MSSP, will help address risks and challenges and safeguard against data breaches.
About the author: Mr. Rasool Kareem Irfan is a trusted cybersecurity advisor with wide experience across various industry verticals, including healthcare, life science, banking, financial services, insurance and telecom. He holds a B.Tech (Information Technology) and an M.B.A (Technology Management) from Anna University, India. He holds global cybersecurity certifications (such as CISM, CEH and ISO 27001 Lead Auditor) and leading technology vendor certifications (such as AlgoSec, Palo Alto, Symantec, Cisco, Check Point, Proofpoint, Digital Guardian, AWS, Azure, Google, Qualys, Varonis, etc.). He is a prominent cybersecurity blogger and works closely with reputed national and international forums and institutions.