printer friendly version

The reasons to outsource cybersecurity

Kaspersky’s annual IT Security Economics report revealed that the complexity of cybersecurity solutions forced companies to outsource some functions to external infosec providers; they have the relevant expertise and can manage the technologies more efficiently than company employees can.

A complex cybersecurity solution will not guarantee the best protection without a competent specialist managing it. A company’s search for such qualified workers is complicated by the global shortage of experts in this field. This situation forced businesses to outsource certain IT functions to managed service providers (MSP) or managed security service providers (MSSP) in order to get relevant expertise, and up-skill teams.

Kaspersky’s research in South Africa found that 72,7% of SMBs and corporations said that the most common reason to transfer certain IT security responsibilities to MSP/MSSP in 2022 was the efficiency external specialists provided. Among other most frequently mentioned reasons, companies also named compliance requirements (69,7%), the need for specialist knowledge (63,6%), shortage of IT employees (57,6%), and the complexity of business processes (42,4%).

In regards to the cooperation with MSP/MSSP, 69.7% of companies surveyed in South Africa stated that they usually work with two or three providers, while 24.2% deal with more than four IT security service suppliers a year.

“External specialists can either manage all the cybersecurity processes in a company, or just deal with separate tasks. It usually depends on the size of the organisation, its maturity, and management’s desire to be involved in information security tasks. For some small- and medium-sized companies it can be reasonable not to hire a full-time specialist and rather transfer some of their functions to the MSP or MSSP, as it will be more profitable in terms of cost and efficiency.

“For large corporations, outside specialists usually mean extra hands to help their own cybersecurity teams’ deal with a large volume of work. However, it is important to understand that in any case the company should have basic knowledge of information security to be able to assess the outsourcers’ work properly,” comments Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky.

To gain more insights about IT security costs and budgets in businesses in 2022 visit the interactive IT Security Calculator (https://calculator.kaspersky.com/). The full report is available to download at (https://calculator.kaspersky.com/report).

Share this article:

Further reading: