What is cybersecurity as a service (CSaaS)? Why should I care?

Security & GRC
1.8k viewscircle icon3 Comments
Sort by:
CEO and Co-Founder in Software4 years ago

It's a forcing function. What I'm hearing from customers is that they don't have the people and even if they get the people, they can't retain them. They're not excited doing the same thing everyday and they're being pushed every second. So it’s a way to solve the people and skills gap.

Lightbulb on2
Fractional CIO in Services (non-Government)4 years ago

If you're going to outsource your security, you can outsource responsibility for keeping your company secure but you still need to have someone in the company who's accountable for that security, for that outsourcing and for overseeing who's doing it for you and who understands it. That's probably the biggest gap that most organizations are dealing with. I can't speak for those outside New Zealand but it probably isn't much different in many other countries as well.

Most companies assume they're paying these vendors to make sure that the company's safe and secure but are they actually keeping on top of it enough to understand what that means? And do they have someone there as a proxy security manager who actually makes the decisions and calls the shots, so that when the reports come through and the vendor turns around and says, “This is what this means for you,” someone is actually making an informed decision on that end? I'm not sure that's happening at the moment.

Lightbulb on2
Board Member, Advisor, Executive Coach in Software4 years ago

There was a poll on the Pulse platform that asked whether you’re embracing cybersecurity and I found the results interesting. 24% of people said yes, they're embracing cybersecurity as a service using a managed security service provider (MSSP). 28% said they’re embracing managed detection and response (MDR) or extended detection and response (XDR). 35% said yes, but they're shaping their internal efforts that way and about 13% said no. 

I'm happy to see that people are embracing cybersecurity as a service (CSaaS), even for an internal approach because it gives you more established service-level agreements (SLAs). It also provides better metrics and reporting, which you can use to demonstrate to management how you're doing and what outcomes they're getting from it.

Lightbulb on2

Content you might like

Is security training at your organization personalized to the employees?

Yes47%

Somewhat36%

No16%

View Results

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Read More Comments

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?

Read More Comments

Which key pentesting capability do current AI-driven vendor solutions most fail to cover?

Zoom Video Communications has agreed to pay $85 million to settle a California lawsuit. They have been accused  of improperly sharing customer information with Facebook, Google and LinkedIn and allowing strangers to enter unprotected Zoom meetings in an activity known as "Zoombombing." Have you ever been "zoombombed" in a meeting?

Yes77%

No23%