Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
The most appreciated companies from the outsourcing industry, awarded at ABSL Gala 2018 Romania

The most appreciated companies in the outsourcing industry were awarded last night, at the ABSL Romania Awards Gala, a recent announcement of the company stated.

 Read Full article »
Cybersecurity Tech Accord: 34 leading companies sign pledge to fight cyberattacks to promise equal protection for customers worldwide

Companies across every layer of internet communication vow to defend against misuse of their technology; promise to protect all customers regardless of nationality, geography or attack motivation.

 Read Full article »
Accenture study finds 87 percent of focused cyberattacks are prevented

With ransomware and distributed denial of service (DDoS) attacks on the rise, the average number of focused cyberattacks per organization has more than doubled this year compared to the previous 12 months (232

 Read Full article »
Romanian software group expands to Bulgaria

Romanian group Global Technical Systems, which specializes in software development and providing technological solutions for building efficiency and security infrastructures, aims to double its turnover this ye

 Read Full article »
Vodafone Survey: Romanian youngsters would rather work for themselves, than for a company

Romania ranks first in terms of percentage of youngsters who would rather work for themselves/be an entrepreneur than for a company, with 51 percent expressing this preference, according to Vodafone survey.

 Read Full article »
Bucharest office market: Over 30 per cent of the demand came from the companies that moved from old buildings in modern projects

Companies have rented in the first quarter almost 70,000 square meters of office space in Bucharest, one third of the demand came from companies that formerly had its headquarters in old, small buildings or in

 Read Full article »
ABSL Romania: The Business Services sector has thousands of jobs available for young professionals

The Association of Business Service Leaders in Romania (ABSL) announces thousands of positions available for young professionals with little to entry-level experience in the business services sector. Accounting

 Read Full article »
Zitec rents 1,700 sqm at Vastint's Timpuri Noi Square

Vastint Romania has leased 1,700 sqm of office space to Zitec, in the mixed-use development project at Timpuri Noi Square in Bucharest, the developer recently announced.

 Read Full article »
Ness Digital Engineering reached 100 employees in Timişoara and 2,800 sqm in the UBC 2 building in the Openville mixed-use project

In March, Ness Digital Engineering reached a 2,800 sqm area in the United Business Center 2 (UBC 2) building located in the Openville Timişoara development, after taking over a new floor of the office building

 Read Full article »
Timpuri Noi Square awarded the highest LEED certification

Vastint Romania was awarded LEED Platinum certification for the first two office buildings of Timpuri Noi Square.

 Read Full article »
 
 
MOST READ ARTICLES
» Romanian software group expands to Bul...
» The most appreciated companies from th...
» Romania, Europe's third and world's 13...
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» DTZ: Office demand outside Bucharest t...
» EXCLUSIVE: ABSL Timisoara - BPO and SS...
» BPO: the ideal breeding ground for BPI
» Large office space leases dominate the...
» Deloitte opens European Regional Deliv...
» Romanian Outsourcing & Shared Services...
 
EDITOR CHOICE
The voting for The Brand of the Year 2018 in Outsourcing and Shared Services is now open!

Outsourcing Today presents the fourth edition of the annual Romanian Outsourcing & Shared Services Awards, the event that recognizes, rewards and celebrates the success of the most prominent companies acting in

 Read Full article »
Romanian Outsourcing & Shared Services Summit: The very definition of millennials is change

Adapting to future workforce trends whilst balancing intelligent automation, digitalization, and millennial teams was one of the most discussed topic of the second session of the Fourth Edition of Romanian Outs

 Read Full article »
Stefanini invests in AI and reinforces Sophie's capabilities

Recently, Stefanini announced it is reinforcing its investments in Sophie, an artificial intelligence platform with the ability to turn data into valuable solutions. Fully developed within Stefanini's research

 Read Full article »
Romanian Outsourcing & Shared Services Summit: Diversity is value

The second session of the recently ended Romanian Outsourcing & Shared Services Summit highlighted topics on the future workforce trends such as digital transformation, automation, the repositioning of the impo

 Read Full article »
ROMANIAN OUTSOURCING & SHARED SERVICES SUMMIT, with Irina Sersun-Gürtler, Noerr: Bringing the employees on board

This March, the professionals, leaders and key voices in the outsourcing and business shared services industries joined for three rounds of lively knowledge exchange within the Fourth Edition of Romanian Outsou

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events