If so, one cybersecurity firm has some practical tips to help make sure the outsourcing model yields the expected returns …
As organizations continue remote work arrangements this year, the shift from the corporate perimeter concept to micro-office security certification will take a toll on IT.
For those that have outsourced some of their IT functions, coordinating various managed service providers will be important, along with using multiple cloud services, cloud security and management in their digital transformation.
Nevertheless, financial constraints due to economic recession and the growth of cyberthreats due to the global pandemic will affect the day to day role of cybersecurity professionals in 2021. Understanding the challenges but also perceiving opportunities in IT and IT security management is key for companies to maintain their protection, according to a recent by cybersecurity firm Kaspersky.
The report offers some timely advice for each role related to cybersecurity, including CEOs or business owners, CISOs, SOC team leads and IT managers. Here are some of the main trends to monitor:
- Home office assessment and certification: Protecting the perimeter is no longer enough.There should be tools to scan the level of security in a workplace—from the presence of software vulnerabilities to connecting to an unreliable or unprotected Wi-Fi hotspot. Organizations need to implement wider adoption of VPN, privileged access management, multifactor authentication systems, and stricter monitoring and updating of existing contingency and emergency plans.
- Transition to a service model: This will enable required levels of IT and IT security with lower investments.According to the firm’s data, 69% businesses polled said they already planned to use a managed service provider or managed security service provider (MSSP) in the next 12 months. This is for good reason as the service model helps to minimize capital investments and transition business costs from CapEx to OpEx.
- Training for internal IT security specialists: This training should incorporate management skills. Cybersecurity professions split into very narrow specializations, meaning that hiring staff for each specific role may be too expensive. This is where outsourcing can help plug the gap. However, businesses that outsource key cybersecurity components still need to focus on developing management skills for their in-house teams to handle those outsourced functions.
- Increased reliance on cloud services: This trend in 2021 will make dedicated management and protection measures necessary.Kaspersky’s data showed thatin 2020, employees in 89% of enterprises and 92% of small- and medium-sized enterprises used non-corporate software and cloud services such as social networks, messengers or other applications. This is unlikely to change if and when staff return to the office partially. To ensure that any corporate data is kept under control, better visibility over cloud access will be necessary. IT security managers will need to align themselves with this cloud paradigm and develop skills for cloud management and protection.
According to the firm’s Chief Business Officer, Alexander Moiseev, along with the introduction of new cybersecurity practices, the quality of tools that enable these changes will be equally important. Quality of protection and seamless manageability are key when choosing cybersecurity solutions: “We have seen two important changes in what customers expect from corporate cybersecurity offerings. Firstly, the quality of protection is no longer up for discussion: now it’s a ‘must have’. Another major trend is that deep integration between various components of corporate security, ideally from a single vendor, now plays a bigger role.”
Moiseeve cited a case the long-held belief in the industry that various specialized solutions from various vendors can help create the best combination for protection. “Now, organizations are looking for a more unified approach with maximum integration between different security technologies.”