Why co-sourcing is a smart choice for cybersecurity

Issue 8 2021 Security Services & Risk Management

In 2020, tactical IT decisions had to be taken at breakneck speed to enable work-from-home and keep businesses going. Inevitably and understandably, some of these decisions have led to increased risk when it comes to security controls. Now, security teams are striving to regain visibility and control of their estate and security posture while shifting their focus to supporting hybrid work models over the long-term.

One of the side-effects of the move away from the controlled environment of the office has been an increase in the threat landscape. During the first year of the pandemic, BT’s Threat Intelligence teams tracked a 600% increase in email scams, 100% increase in ransomware and 400% increase in brute force attacks. Eight out of 10 (84%) of executives, polled for our CISOs under the spotlight research conducted in September 2020, told us that their organisation had suffered from data loss or a security incident in the last two years.

Cyber threats have been ranked as the main priority for CEOs after managing the consequences of pandemic according to a recent PwC survey. The change in attitudes to security has also been noted by industry analysts, who highlighted the increase in value of security skills overall.

It’s encouraging to see a wider recognition of security as a business enabler and security teams gaining a more important seat at the table. Yet at the same time, they are facing more threats, more technology choices and a surprisingly persistent degree of inconsistency and complacency to treating security as a priority.

Our CISOs under the spotlight report highlighted the importance of the basics, including maintaining cybersecurity hygiene measures.

It’s clear that maintaining security in the face of the increasing pace and volume of threats can’t be addressed singlehandedly. Supercharging the human firewall is a critical part of the solution and employee training is key. But in addition to this, getting the right support must be a priority as cybersecurity becomes a central strategic pillar to support digital transformation.

As we’ve talked to our customers about their sourcing strategies, a few key themes have stood out:

The need to maximise existing resources and investments.

• The need for clarity on what activities need to be retained inhouse and which can be managed by a trusted partner.

• The impact of previous experiences with outsourcing.

• The need for flexibility, both operationally and commercially.

• Trust and shared responsibility – both from their customers being able to trust the organisation and from them being able to trust their partners and vendors.

• Taking risk-based decisions – both in terms of maintaining control and ownership and benefiting from outside expertise.

Driven by an organisation’s current state and priorities, a hybrid or co-sourcing model can provide the level of flexibility necessary to support effective digital transformation. Organisations need help from external partners to augment and bolster their in-house capabilities.

We believe that both customers and service providers need to develop a new shared responsibility model, supporting strong security while maintaining the agility necessary for digital transformation. This requires change on both sides. With all the headwinds in place, organisations can’t lower risk without investing in either in-house resources, partnerships, or a combination of the two.

Managed cybersecurity providers like us know how to help organisations secure an acceptable return on their investment. We can achieve this through a quantifiable reduction of risk, while building confidence in a hybrid co-management model that can adapt to meet customer’s future needs.

Find out more at https://www.globalservices.bt.com/en/insights/whitepapers/cisos-under-the-spotlight




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Risk management and compliance enforcement
Security Services & Risk Management
Having a risk management and compliance programme (RMCP) is not just a procedural formality; it is a legal requirement under Section 42 of the Financial Intelligence Centre Act (FICA).

Read more...
The dangers of poor-quality solar cables
Security Services & Risk Management Smart Home Automation
Reports indicate that one in six fires attended by South African firefighters is linked to substandard solar installations, often due to faulty wiring or incompatible components.

Read more...
Growing risks for employers
Security Services & Risk Management
With South Africa’s unemployment rate exceeding 32% and expected to rise beyond 33% this year, desperation is fuelling deception in the job market. Trust is no longer a given, it is a gamble.

Read more...
Chubbsafes celebrates 190 years
Gunnebo Safe Storage Africa News & Events Security Services & Risk Management
Chubbsafes marks its 190th anniversary in 2025 and as a highlight of the anniversary celebrations it is launching the Chubbsafes 1835, a limited edition 190th-anniversary collector’s safe.

Read more...
New law enforcement request portal
News & Events Security Services & Risk Management
inDrive launches law enforcement request portal in South Africa to support safety investigations. New portal allows authorised South African law enforcement officials to securely request user data related to safety incidents.

Read more...
Continuous AML risk monitoring
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
AU10TIX, launched continuous risk monitoring as part of its advanced anti-money laundering (AML) solution, empowering businesses to detect behavioural anomalies and emerging threats as they arise.

Read more...
Growing risks for employers
Security Services & Risk Management
With South Africa’s unemployment rate exceeding 32% and expected to rise beyond 33% this year, desperation is fuelling deception in the job market. Trust is no longer a given, it’s a gamble.

Read more...
Managing mining physical security risks
Zulu Consulting Security Services & Risk Management Mining (Industry) Facilities & Building Management
[Sponsored] Risk-IO, a web app from Zulu Consulting, is designed to assist risk managers in automating and streamlining enterprise risk management processes, ensuring no steps are skipped and everything is securely documented.

Read more...
SAFPS issues SAPS impersonation scam warning
News & Events Security Services & Risk Management
The Southern African Fraud Prevention Service (SAFPS) is warning the public against a scam in which scammers pose as members of the South African Police Service (SAPS) and trick and intimidate individuals into handing over personal and financial information.

Read more...
Rewriting the rules of reputation
Technews Publishing Editor's Choice Security Services & Risk Management
Public Relations is more crucial than ever in the generative AI and LLMs age. AI-driven search engines no longer just scan social media or reviews, they prioritise authoritative, editorial content.

Read more...