By Arun Gandhi, Director of Product Management of the Seceon
Enterprises from all verticals are embracing digital transformation. This new, increasingly connected digital world is bringing tremendous efficiencies to the way we do business. Apart from these advantages, the digital era is also bringing more frequent and aggressive cyber threats. The complex and evolving security landscape, changing IT environment, and the growing compliance requirements have created numerous challenges for organizations. Threat surfaces have broadened significantly and security teams have to defend against sophisticated cyber-attacks, such as Ransomware, Distributed Denial of Service (DDOS), Inside threats, Vulnerability exploits, Advanced Persistent Threats (APTs), Email phishing, to list few. Cybercrime is rising much faster with the proliferation and adoption of Internet of Things (IoT) and cloud migration. Enterprises are struggling today and will continue to do so in order to acquire the expertise to assist in managing the constantly evolving security threats, and to fully integrate and implement the plethora of security tools that their security teams have acquired. As a result, organizations are turning to Managed Security Service Providers (MSSP) to deliver a spectrum of security capabilities and expertise for detecting and responding to cyberattacks.
According to IDC MSSP Survey 2018, global Managed Security Services revenue will grow to 32 Billion USD by 2022 from 22B in 2018 with a 10.2% Cumulative Annual Growth Rate (CAGR). As a MSSP, are you well-positioned to reap the benefits of this tremendous growth opportunity or still holding on to age-old technology stack and methods that are holding your true potential?
Trends in Cybersecurity
Here are most important cybersecurity trends that are keeping the enterprise Chief Information Security Officers (CISO) up at night and are fueling the growth of Managed Security Services business:
- Sophistication of cyber miscreants growing rapidly. Criminals are leveraging most advanced Artificial Intelligence techniques to identify the most vulnerable enterprises. Therefore, organizations that have their detection and protection methods still stuck in log and rule-based methods are no longer safe.
- Proliferation of security toolsets and silos, collectively generate over 100 thousand alerts per day, with a major percentage of being false positives.
- Growing Number of Devices and Environments to protect as enterprises are embracing cloud, mobile-first technologies.
- Death of Perimeter as we know it, as employees are more global and mobile and enterprises embracing SaaS (Software-as-a-Service) applications.
- Scarcity of qualified information security professionals. According to Cybersecurity Ventures 2018 report, there will be more 3.5 Million unfilled Cybersecurity jobs globally by 2021.
- The continued growth of Compliance regulations. Privacy and security protection laws are becoming stricter and violation fines levied are growing rapidly.
- Cybercrime as a Service is making it easy for criminals to launch cyber-attacks on organizations and individuals with little effort and knowledge.
How Managed Security Services (MSS) offered today?
Most of the Managed Security Service offerings today, including those offered by very large providers, predicated on the following:
- Log Management: Involving Monitoring, Scanning, and Alerting
- Heavy Manual process for Alert/Event investigation with additional retainer fees per incident.
- Defined Network Perimeter that doesn’t consider today’s charging infrastructure
Challenges with the Traditional Model
The traditional model may have worked when organizations have defined perimeter, limited applications, simple network infrastructure, and endpoints. However, it breaks completely with today’s rapidly evolving enterprises that are undergoing digital transformations and the increased sophistication of cybercriminals. Here are some of the reasons why:
- Broader attack surface that comprises not only firewalls but also SaaS/Cloud infrastructure, Mobile endpoints, email phishing, and global workforce.
- The increased volume of data to manage that requires Big Data Storage and Analytics.
- The increased volume of known & unknown threats with more than 100M new malware discovered every year. Static Rule and signature-based methods no longer work.
- Manual processes are no longer efficient for Alert/Event correlation & investigation with hundreds of thousands of security alerts per day reported by a multitude of applications.
Next-Generation Managed Security Services (MSSP 2.0)
To address evolving enterprise Cybersecurity needs and their demands, MSSPs have recognized need to shift their strategy to:
- Move focus from Alert Notification to Response and Remediation (MDR)
- Moving from Reactive to Proactive Security (AI Assisted SOC).
- Move to more value-added services for managing the risk and compliance (Continuous Compliance) vs. just focusing on log aggregation, monitoring and alerting.
And this MSSP 2.0 shift is not only driven to cope with evolving cybersecurity trends but also are largely driven by:
- Enterprise Digital Transformation
- New IT Architectures
- Cloud & Hybrid-Cloud infrastructures
- New Technology Adoption
aiMSSP: Enabling MSSP 2.0 Shift with aiSIEM, aiMDR, and aiSOC
Seceon aiMSSPTM is modern, advanced and fully automated end-to-end multi-tenant platform that is built from the ground up to enable service providers to fully embrace MSSP 2.0 shift. aiMSSPTM combines the power of our award winging aiSIEMTM with Multi-Tier, Multi-Tenancy functionality allowing MSSPs to custom package tiers of modern MSS and MDR services to Large, Medium and Small Enterprises and businesses. With integrated, SIEM (Security Information and Event Management), automatic threat detection, containment and remediation, Service providers enjoy the benefits of most advanced Artificial Intelligence (AI) assisted Security Operation Center (aiSOCTM), with improved efficiency and effectiveness.
Seceon aiMSSPTM Technology stack offers MSSPs following differentiated capabilities demanded by new-age enterprises compared to the traditional stack:
- Machine Learning / Artificial Intelligence
- Big Data and Analytics
- User Behavioral Analytics
- Real-time Threat Intelligence
- Automatic Threat Analysis and Correlation
- Proactive Threat Detection and Hunting
- Netflow Analysis
By embracing aiMSSPTM platform, MSSPs will enjoy the following key benefits:
- Multi-Tier Multi-Tenancy supports service providers with a shared services technology stack offering end-to-end data separation, threat detection, and response, and accelerates revenue generation from new customers. The robust multi-tenancy with multi-tier capability allows MSSPs to grow in size quickly and become Master MSSPs.
- An end-to-end Artificial Intelligence-driven Managed Detection and Response (aiMDRTM) stack in a single platform. Eliminating need to integrate a multitude of products to deliver MDR service, powering MSSPs to have fully functional MDR stack up and running in days rather than months and years so they can focus on revenue generation activity rather than spending on Research and Development (R&D).
- With automatic threat detection & correlation through Seceon’s innovating dynamic threat models, and automated threat containment and elimination, MSSPs will have AI-assisted SOC (aiSOCTM) working for them 24/7.
According to Grigoriy Millis, Chief Technology Officer of a global technology provider for 800+ customers with $1 trillion of AUM, “When we did a side-by-side comparison between Seceon and some of the other solutions from larger providers, Seceon was able to detect real-life security threats that the other platforms did not detect. Leveraging Seceon’s aiMSSP solution, we are now processing more than over a billion events per day with less than one percent rate of false positives and have increased the efficiency of our IT and SOC personnel by over 77%.”
Comparing Traditional MSSP stacks with aiMSSPTM Platform:
Here is a brief comparison of features and benefits offered by aiMSSP platform and how differs from the traditional MSSP stack:
To summarize, there are a number of moving parts that are involved in defending an enterprise from growing cyberattacks. As cyber risk continues to grow, and threats become more intelligent and capable, enterprises will adopt comprehensive platforms that enable them to eliminate the need for siloed threat detection and response solutions which leave gaps in the enterprise security fabric or simply turn to MSSPs to provide the security services. MSSPs will have to provide the flexibility in delivering 24×7 SOC services that are tied uniquely to the client’s needs. This includes all MSS and new services being offered by the MSSPs to manage the security operations as a whole that extends beyond traditional managed security solutions. Seceon’s aiMSSP platform proactively detect breaches and threats via comprehensive visibility of all assets (users, applications, services, and hosts and their interactions), and automatically contain and eliminate those threats in real-time.
About the Author
Arun Gandhi is the Director of Product Management of the Seceon. He has more than 17 years of experience with startups and global brands in Cybersecurity, Networking and Cloud technologies. His strong experience includes product management, product marketing, business strategy, competitive positioning, high profile customer engagements, sales enablement, positioning of emerging technologies, development & test in the Service Provider and Enterprise Markets. At Seceon, he is responsible for driving strategic go-to-market initiatives, product roadmap, management and marketing, and executive engagements with customers & partners. Prior to Seceon, Arun held various technical and leadership roles at Juniper Networks, NetBrain Technologies, and Misys Plc (now Finastra). He completed Executive Management program from the prestigious Harvard Business School (Cambridge, MA) and holds Master’s in Computer Science from University of New Hampshire (Durham, NH). Arun can be reached online at firstname.lastname@example.org and at our company website http://www.seceon.com/