Reading Time: 5 minutes
Insource instead of outsourcing your cybersecurity operations

Márk Félegyházi (Avatao CEO)

sinsource cybersecurity

As the enterprise architecture becomes more and more complex, the task of the Chief Security Information Officer (CISO) becomes overwhelming. CISOs have a tough time finding talented cybersecurity professionals to support their job. In an interesting article in VentureBeat, Nir Donitza and Gal Ringel wrote about the cybersecurity landscape of Israel in 2018, and what it might predict from global cybersecurity. A few of their findings point to some interesting trends.

    Cybersecurity trends

    • CISOs are overwhelmed, so they are increasingly looking for solution platforms that cover multiple areas in cybersecurity
    • security integration is a key criterion for security solutions to work well with the existing systems at the enterprise
    • AI is not ready yet, although promising to enlighten the CISO’s job
    • the emphasis shifts from prevention to operation and detection, and Security Operation Centers (SOC) become a key element in security defense
    • new areas like ICS security and automotive security are gaining ground, but adoption is slow due to the nature of these industries
    • GDPR will push many companies to increase their security posture and will be a key argument in increasing security budgets

      The role of AI in security

      AI is often thought of as the holy grail in cybersecurity as more and more tasks can be automated. It was interesting to see the conclusion that AI-based solutions are not yet ready for cybersecurity operations and monitoring and that there is an increasing need to develop security operation centers (SOCs). Many CISOs and CTOs claim that key projects are not started or stopped because they are unable to find skilled workforce to execute the projects.

        Need for talent

        This trend faces a serious uphill battle due to the lack of qualified cybersecurity professionals being on the market, especially in security monitoring and incident response. According to Steve Morgan, CEO of Cybersecurity Ventures, there will be 1.5 million cybersecurity jobs open by 2019.
        The cybersecurity talent gap became a frequently debated topic in popular media and also within the cybersecurity community
        link1, link2.
        Recruiting the right cybersecurity professionals is becoming extremely difficult, and a study by ISACA and RSA revealed that most cybersecurity job applicants require extensive training to start their job.

          Insourcing cybersecurity operations

          There is a strong trend to outsource cybersecurity operations to managed security service providers (MSSP) including the SOC operation. This is reasonable in the light of the talent shortage. Personnel at MSSPs are qualified and their daily job is to do the monitoring. However, I argue that their visibility on corporate networks is always limited to the interface and communication between the enterprise and the service provider. Hence, the solution to only rely on the MSSP or outsourced SOC cannot work.

          Security has to be part of the whole organization’s culture and it is increasingly important that the employees of the company are security-aware, no matter what they do. As discussed above, it becomes more and more relevant in the job training. The employees of the company are best suited to prevent, discover and monitor security issues in an enterprise network. More importantly, they are in the best position to build software and systems that include security elements.

          Outsourcing cybersecurity to external providers cannot solve the problem. Employees are the key to defend an organization, so the CISO must make it a priority to embed security into development and operation.

          Related Articles

          Python best practices and common issues

          Python best practices and common issues

          Reading Time: 9 minutes Python is a high-level, flexible programming language that offers some great features. To be as effective as possible, it is important to possess the knowledge to make the most out of coding with Python.

          Where the money is: Financial cybersecurity

          Where the money is: Financial cybersecurity

          Reading Time: 7 minutes Money management moves towards complete automation, and the evolution of cybercrime follows along. The money heist has changed, we all know that. Cyberspace takes more and more of that cake, but the reason behind attacks remains the same: money, in any form.

          Security Champions: Interview with Alexander Antukh, CISO of Glovo

          Security Champions: Interview with Alexander Antukh, CISO of Glovo

          Reading Time: 7 minutes Security champions represent an essential part of any security programs. They lead their teams on security projects, ensure internal security and help keeping security on the top of your mind. But how exactly they operate in a business? We asked Alexander Antukh, Director of Security at Glovo for professional insights.

          Why do you need a security champions program?

          Why do you need a security champions program?

          Reading Time: 6 minutes As the company grows the leadership wants to establish a security program to ensure the solid and undisrupted operation of the business. Security at this point is essential, especially when calculating the loss from a halted business, even for a few hours.

          Sensitive data exposure – It’s in your hands

          Sensitive data exposure – It’s in your hands

          Reading Time: 8 minutes Exposing data, especially sensitive data, is a long-time-coming threat. Since personal information such as addresses, payment details, non-hashed passwords, config files, and so on are very popular targets among attackers, it’s obvious that sensitive information is supposed to be protected from unauthorized access.

          Compliance training for developers – From security awareness by design

          Compliance training for developers – From security awareness by design

          Reading Time: 8 minutes Compliance standards are a valuable but mostly misunderstood part of the corporate culture. Like any other certificate, a compliance certificate demonstrates that the entity/business operates according to a commonly accepted standard and signals trust towards third parties. A successful compliance certificate eases regulatory processes, opens new markets, and in general speeds up revenue generation, which is the key metric for businesses.