Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Colliers International, designated to obtain WELL certification for Skanska's Campus 6 buildings

Pioneering in the field, Skanska is the first developer to introduce in Romania the WELL Building standard for the newest company's project developed in Bucharest, Campus 6 and its 2 and 3 office buildings, bei

 Read Full article »
Atos signs cybersecurity industry partnership with NATO

Atos, global leader in digital transformation and the NATO (North Atlantic Treaty Organization) Communications and Information Agency today sign an industry agreement to commit to a rigorous and continuous exch

 Read Full article »
Co-working segment: CBRE advises Spaces in the opening of its biggest center in Romania

CBRE, the world and local market leader in real estate consultancy, advised on the leasing transaction of 4,100 sqm office space for the largest center to be opened by Spaces in Romania.

 Read Full article »
Francesca Postolache, Partner PwC joins People in Shared Services & Outsourcing Forum on October 18, at Bucharest

Francesca Postolache, Partner PwC, joins us next Thursday to take forward major subjects such as Digital Transformation and Next-Generation Talent Development.

 Read Full article »
Telekom Romania opens in Brăila its sixth BPO center

Telekom Romania announces the opening in Braila of BPO (Business Process Outsourcing) centre dedicated to companies that need such services and which prefer to rely on a professional and experienced provider

 Read Full article »
Delphi Technologies inaugurates global IT center in Bucharest

Delphi Technologies, a leading provider of advanced propulsion solutions to automotive manufacturers has opened its first multidisciplinary global IT center in Bucharest. This new site will provide information

 Read Full article »
London Stock Exchange Group appoints Andreea Stanescu as General Manager for Romania

London Stock Exchange Group (LSEG) announced that Andreea Stanescu has been appointed General Manager, Romania. Andreea will be reporting to Dee Liyanwela, Head of Business Services Ltd (BSL) Sri Lanka and Roma

 Read Full article »
Google to offer free courses for young programmers and business incubators

Google announced the launch of the "Digital Workshop for Programmers", aimed at offering free courses to students who want to learn to program and young people who want to become technology entrepreneurs. These

 Read Full article »
ANIS scholarships gathered 35 innovative projects since launch

Employers' Association of the Software and Services Industry (ANIS) announced it registered 35 innovative projects within the first edition of its program called "ANIS' Scholarships".

 Read Full article »
Matthieu Pasquier is the new CEO of Societe Generale European Business Services

The Board of Societe Generale named Matthieu Pasquier as the new CEO of Societe Generale European Business Services, effective July 16, the company announced.

 Read Full article »
 
 
MOST READ ARTICLES
» Andrei Romanescu, Managing Director of...
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» Delphi Technologies inaugurates global...
» Genpact's COO: Staying ahead of the cu...
» French energy operator Total opened su...
» Ready for People in Shared Services & ...
» Grégoire Vigroux appointed the new Vi...
» Francesca Postolache, Partner PwC join...
» Colin Lovering to moderate the talks o...
» Oracle reaches 4,200 employees and pla...
 
EDITOR CHOICE
People in Shared Services and Outsourcing Forum, 2018: What kind of future, tomorrow will bring?

We have just concluded the fourth edition of our annual event People in Shared Services and Outsourcing Forum, the get-together of the Who's Who in the industry of business shared services in Romania.

 Read Full article »
Olga Botusan, Stefanini, keynote speaker at People in Shared Services & Outsourcing Forum on October 18, at Bucharest

This Thursday, at People in Shared Services & Outsourcing Forum 2018, Olga Botusan EMEA HR Director at Stefanini joins us to talk about Digital Transformation and Next-Generation Talent Development.

 Read Full article »
Colin Lovering to moderate the talks of People in Shared Services & Outsourcing Forum on October 18, at Bucharest

The moderator of the 4th edition of the annual event dedicated to the human resources in shared services & outsourcing industry, COLIN C. LOVERING ISM, Chairman of BRCC and Senior VP, Avison Young Real Estate i

 Read Full article »
Andrei Mihai Crăciun joins the speakers of People in Shared Services & Outsourcing Forum on October 18, at Bucharest

Andrei Mihai Crăciun the Head of office for Innovation, Technological Transfer and Intellectual Property Office from West University of Timisoara will be joining us to discuss whether the private-state actors

 Read Full article »
Sergiu Negut, on the stage of People in Shared Services & Outsourcing Forum on October 18, at Bucharest

On October 18th, Sergiu Negut joins People in Shared Services and Outsourcing Forum to share with us his ideas of ways to support the industry's human capital necessities and create a more efficient cooperation

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area | GDPR policy
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events