Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Microsoft report: Romania registers average malware attack rate of 7.46 per cent, over European average

Romania reached a 7.646 per cent malware attack rate in 2018, 2.13 per cent higher than the average European rate, according tot eh 24th edition of Microsoft Security Intelligence (SIR), released recently.

 Read Full article »
Blockchain StartUp Swazm signs partnership with Maguay, one of the biggest server and storage suppliers in Europe

Romanian Blockchain company Swazm has signed a partnership with Maguay, one of the biggest server and storage suppliers in Europe. The objective of the partnership is to expand the Swazm blockchain network by u

 Read Full article »
Deloitte research: Learning, employee experience and leadership, the main topics on human capital agenda in Romania

Continuous learning for skills development, leadership development and improving the employee experience are the most important and urgent among the trends identified by Deloitte 2019 Global Human Capital Trend

 Read Full article »
Oracle: Shifting toward a whole-enterprise cloud

Cloud technology and its adoption have been transformative for nearly every business, industry, and product. From running applications that are always-on and available, to limitless infrastructure scalability,

 Read Full article »
CBRE takes charge of the operations of NEPI Rockcastle's office portfolio in Bucharest

CBRE, the world and local market leader in real estate consultancy, was mandated with the property management of NEPI Rockcastle's office portfolio in Bucharest, consisting of three emblematical buildings: Flo

 Read Full article »
KPMG launches an application enabling real-time feedback of employees and managers

KPMG launches an application enabling real-time feedback of employees and managers

 Read Full article »
ABSL GALA AWARDS celebrated its winners last evening at Bucharest

As the voice of the business services, ABSL has created the ABSL Awards with the purpose of recognizing the most innovative, impactful and valuable projects and initiatives of the business services industry ove

 Read Full article »
Medium-sized companies relocate from class B to class A-offices in Timisoara

The office market in Timisoara witnesses a new trend: the relocation of companies from class B spaces to class A and the increase in attractiveness of modern office projects for firms with less than 50 employee

 Read Full article »
PropTech Romania organizes a hackathon in Bucharest, dedicated to real estate industry

Proptech Romania, the first Romanian innovation platform dedicated to the real estate market announced it is organizing the first European Real Estate Hackathon, in Bucharest, on the 12-13 April, an event that

 Read Full article »
AROBS Transilvania Software acquires HR software provider UCMS Group Romania

AROBS Transilvania Software, a specialized provider of outsourced business solutions based in Romania, is to acquire human resources management business, UCMS Romania from TMF Group, on DATE, subject to regulat

 Read Full article »
 
 
 
MOST READ ARTICLES
» Huawei opens a centre on cyber securit...
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» Romania ranks above EU average in gend...
» Bucharest, in the top of cities in Eur...
» Meet the experts who will decide the w...
» Berg Software Romania: Reasons to outs...
» KPMG launches an application enabling ...
» Bogdan Pelinescu, president of ABSL: A...
» ABSL GALA AWARDS celebrated its winner...
» George Rotariu, CEO Bitcoin Romania: B...
 
EDITOR CHOICE
Catalina Dodu - Meet the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7

Catalina Dodu runs the operations of Atos Romania since March 2014, with an experience of over 15 years in IT management. Previous to being appointed Country Manager, Catalina managed the System Integration div

 Read Full article »
Philippe Beucher: Meet the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7

Philippe Beucher is the Managing Director of Accenture Operations – Danubia Region, leading the Operations entity for Romania, Czech Republic, Slovakia and Hungary starting from February 2019. For the past 1

 Read Full article »
Meet the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7th - Matthieu Pasquier

Matthieu Pasquier is CEO of Societe Generale European Business Services since August 2018 bringing more than 27 years experience in Societe Generale group. During 2014-2018, Matthieu was Head of SG GSC Chennai

 Read Full article »
Sorin Mindrutescu among the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7th

Sorin Mindrutescu is the Country Leader for Oracle Romania, as of February 2003. In this role, he is responsible for local sales and project delivery. In Romania, Oracle has two major business directions: the l

 Read Full article »
Meet the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7th - Vivek Bakshi

Vivek Bakshi is the General Manager of Wipro Technologies. He has spent 12 years heading the International Locations / Delivery Centers Europe from the Bucharest office.

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area | GDPR policy
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events