What is cybersecurity as a service (CSaaS)? Why should I care?
Sort by:
If you're going to outsource your security, you can outsource responsibility for keeping your company secure but you still need to have someone in the company who's accountable for that security, for that outsourcing and for overseeing who's doing it for you and who understands it. That's probably the biggest gap that most organizations are dealing with. I can't speak for those outside New Zealand but it probably isn't much different in many other countries as well.
Most companies assume they're paying these vendors to make sure that the company's safe and secure but are they actually keeping on top of it enough to understand what that means? And do they have someone there as a proxy security manager who actually makes the decisions and calls the shots, so that when the reports come through and the vendor turns around and says, “This is what this means for you,” someone is actually making an informed decision on that end? I'm not sure that's happening at the moment.
There was a poll on the Pulse platform that asked whether you’re embracing cybersecurity and I found the results interesting. 24% of people said yes, they're embracing cybersecurity as a service using a managed security service provider (MSSP). 28% said they’re embracing managed detection and response (MDR) or extended detection and response (XDR). 35% said yes, but they're shaping their internal efforts that way and about 13% said no.
I'm happy to see that people are embracing cybersecurity as a service (CSaaS), even for an internal approach because it gives you more established service-level agreements (SLAs). It also provides better metrics and reporting, which you can use to demonstrate to management how you're doing and what outcomes they're getting from it.
It's a forcing function. What I'm hearing from customers is that they don't have the people and even if they get the people, they can't retain them. They're not excited doing the same thing everyday and they're being pushed every second. So it’s a way to solve the people and skills gap.