Is cybersecurity as a service (CSaaS) a good solution for enterprise or is it more suited to a startup or SME?
Director of Technology Strategy in Services (non-Government), 2 - 10 employees
The different models that we're seeing through my network are interesting, particularly here in NZ. I guess it's just a scale thing for us. For the clients I'm working with, it's often not feasible for them to manage their own security environment internally, so outsourcing makes perfect sense. Most of the managed service providers (MSPs) that I've come across or that I've been involved with have some form of security offering. Whether it be the basic level, malware and threat detection or whether it goes right up. We've started to see more companies and providers emerge in the market that are offering it.Board Member, Advisor, Executive Coach in Software, Self-employed
You can outsource the task and responsibility, but you can't outsource accountability for the result. Too frequently people confuse that, whether it be cybersecurity, or outsourcing of app development, etc. I was on a Slack channel with 100+ peers recently and outsourcing came up. A lot of people said, “I've done it but they don't respond as fast as internal resources do,” or “I've done it and I'm not really happy.”So even if you outsource it, you're still going to end up co-sourcing things because of the complexity of what is occurring in your environment. Unless they're a dedicated team—like a true contract worker that's completely under contract with you—they're in this stew of all the other things that they're doing. They may have some pods but they're a shared resource across other clients.
CEO and Co-Founder in Software, 51 - 200 employees
It's impossible to manage. I see it. When we started RiskSense as a service, you always looked at cost economics. And the reason we were given was that it's pure cost. The technology might be what you get a break on but when it comes to the real work, it's down to cost economics. We all know that but nobody's willing to transfer the risk. When you sign a contract, you don't have the option to say, “I'll only allow you to take on a 10 million dollar risk.” But in contractual negotiation the question is, how much risk am I willing to take? Nobody's going to take on unlimited risk. That means that you haven't transferred your risk by default, you just transferred the work. And even then, you're at the mercy of the vendor.
Board Member, Advisor, Executive Coach in Software, Self-employed
And in this case, you can't really transfer the risk. You might be able to transfer the financial implications of the risk but if your data is stolen or if you’re ransomed, it's not like it’s their problem. They might write a check under some limited liability perhaps but that’s it.
Content you might like
Chief Information Technology Officer in IT Services, 201 - 500 employees
It's a challenging question to answer as the cost really depends on various factors such as features and, most importantly, licensing. Based on my experience in development, I would estimate that the development and configuration ...read moreCEO in Services (non-Government), Self-employed
Using AI tools 2-3 a week. Use cases: -summaries of content
-slide outlines
-abstracts
-citations.
-Beauti.Ai for slide preparation
-Chat GPT 4
-Styluschat
Production45%
Backup64%
Replication34%
Non-production DBs (Dev, Training, QA, etc.)31%
213 PARTICIPANTS
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.Structured Business Data62%
Unstructured Business Data37%
529 PARTICIPANTS