2017, both professionally and personally, has been a tremendously gratifying year. At CyberSheath we continued to focus on delivering cybersecurity services that materially helped customers better secure and defend their ever-expanding digital footprints. CyberSheath’s role in helping our clients implement the people, process and technologies required for day-to-day operational cybersecurity aligned with their specific compliance requirements is meaningful work. Our experience in 2017 was one of forward progress against the tide of emerging threats, endless vendor technology offerings and increasing regulatory requirements related to cybersecurity.
Still, there were many challenges in 2017 that highlighted some basic cybersecurity “blocking and tackling” that still isn’t getting done. Exposure to global ransomware and other threats is often a result of not addressing fundamental cybersecurity best practices. Companies are struggling to find the time and resources to address the things that can have the greatest impact on their cybersecurity. A partial list of work that should be prioritized but often isn’t includes:
- Asset discovery and inventory
- Vulnerability assessment and remediation
- Privileged account management
- Secure configurations for hardware and software
- Data recovery capability
If you are looking for a more complete list just search the Center for Internet Security (CIS) Critical Security Controls. Fundamentals like the Critical Security Controls get buried on the never-ending to-do list of security practitioners as the scope of what they have to secure keeps growing. Product vendors are doing their best to develop tools to address new threats, but our experience suggests that the vast majority of companies have more tools than they can effectively deploy, integrate and support. Companies selectively acquire vendor tools to address specific threats or capabilities but rarely plan for:
- Integration with existing technology investments
- People and process changes necessary to optimize the investment
- Ongoing operations and maintenance
Unfortunately, this product/tool centric approach to cybersecurity has left companies struggling with:
- Point solutions that aren’t integrated to provide maximum RoI
- Ankle-deep skill sets spread across several vendor tools
- Incomplete deployment of key technologies as staff rush to the next priority
- Unplanned fire drill regulatory compliance projects
- Tactical approach to the strategic problem that is cybersecurity
We can’t predict the year ahead, but we can be certain the same issues we have seen for the past several years will continue to be a challenge, and addressing that challenge presents a tremendous opportunity.
Companies, faced with regulatory compliance, vendor product offerings, new threats, and limited resources, can take control of their cybersecurity by aligning with the right service providers to ensure measurable, compliant cybersecurity. Companies should thoroughly research Managed Security Services Providers (MSSP) and determine what is best for their short and long-term cybersecurity needs and outsource the nagging list of fundamentals that never seems to get addressed.
MSSPs are increasingly being sought as a solution for companies who seek to eliminate staffing shortages and predictably deliver reliable, effective and compliant cybersecurity. For these companies, partnering with an MSSP makes it much more likely they will address the fundamentals of cybersecurity. An effective partnership with an MSSP should, at a minimum, enable:
- Alignment of compliance with day-to-day operational security
- Management of costs with predictable subscription-based pricing that delivers service you can measure
- Automation and integration of regulatory compliance requirements with day-to-day operations
- Basic fundamentals like asset discovery and inventory as well as vulnerability assessment
- A more secure and fully compliant infrastructure
Guiding companies through their transition to an MSSP model should go well beyond simply collecting logs and providing dashboards; done correctly, it should transform and sustain them. The service offerings should be specific to your business needs and measurable. One of the intangible benefits companies should expect from an MSSP is a strengthening of the relationship with their business, leveraging the capability and expertise the MSSP brings to bear. For all its benefits, the MSSP model may not be the right fit for everyone, but CyberSheath feels privileged to assist companies who have chosen this as the best solution for their company. For our clients, the unique relationship with a highly qualified and committed MSSP is proving irreplaceable when it comes to cybersecurity operations and compliance.
Because making the transition to an MSSP should be transformational, it requires thoughtful consideration. Some companies wrestle with the decision for years, and others are forced into it for budgetary reasons. Ultimately, if you have reached a point where too little time, a growing number of threats, staffing shortages and regulatory complexity are causing you to be tactical in every decision you make, the MSSP model is one to consider.
We are looking forward to 2018 with genuine optimism, as we have a number of initiatives underway to help our clients continue their forward progress, including:
- Introduction of additional ways to integrate cybersecurity operations with regulatory compliance and control costs
- Supporting the people and process legs of the cybersecurity equation with quick sprint initiatives to optimize technology investments
- Creation of business-focused cybersecurity outcomes that enable corporate security teams to explain their value to the board and other stakeholders
Challenges are inevitable, but the opportunities to address cybersecurity in a measurable way have never been greater. As every security practitioner knows, even a highly capable security operation can benefit from a knowledgeable, outcome-focused partner to guide them on a complex, confusing journey. For an increasing number of companies, an MSSP will lead the way.
All of us at CyberSheath wish that your 2018 is a year of continued forward progress.