Security management by cloud

July 2016 Editor's Choice

There is no doubt that cloud-based managed security services will be the only way for most enterprises to handle their information security in future.

Paul Williams, major account manager at Fortinet.
Paul Williams, major account manager at Fortinet.

Frost & Sullivan predicted that the market for Managed Security Service Providers (MSSPs) would grow from $6.66 billion in 2011, to $15.63 billion this year, while a new report by Markets and Markets predicts the market size will grow from $35.54 Billion this year to $76.73 Billion by 2021. Infonetics Research says the managed security market will exceed $9 billion by 2017. In EMEA, a 2014 Frost & Sullivan report predicted the MSSP market would grow to $5 billion by 2018. A growing share of this MSSP market is cloud-based, particularly in small to mid-sized enterprises and for non-critical data and systems.

This growing confidence in cloud-based hosted solutions for securing critical enterprise data is a marked change from attitudes just a few years ago, when enterprises feared for the security of any data hosted in the cloud. They expressed concerns about losing control of their data, the implications of hosting it across borders, and accountability for security breaches.

Now, organisations are moving to benefit from cloud-based managed security services in growing numbers, thanks to the cost savings, advanced protection and operational efficiencies they offer. In South Africa, we are seeing steady growth in the number of MSSPs running multi-tenant solutions.

Cloud-based hosted managed security allows even small and mid-sized businesses to benefit from high-level security skills and solutions they would not be able to procure independently. In many cases, the security services are provided by the same service provider supplying other hosted services, simplifying the overall management of the organisation’s systems and applications. Concerns about where data is hosted are falling away as local hosting centres proliferate and organisations become accustomed to regularly using internationally-hosted cloud-based tools.

The benefits are proving to be significant: access to specialised security skills and the latest threat protection, a lower total cost of ownership, less management complexity and greater ease of use. The only potential drawbacks of using a cloud-based MSSP would be the loss of a certain amount of control over the organisation’s data, and the potential for SLAs to inadequately spell out all processes and accountability.

For this reason, it is crucial for in-house IT and risk management to carefully scrutinise the credentials and SLAs presented by MSSPs, addressing questions like guarantees on DDoS protection, risk audits, recovery times and penetration testing procedures. Responsibilities, liabilities and penalties must be clearly spelt out. Organisations must also take responsibility for those components of information security that are out of the hands of the MSSP – including employee risk, mobile risk, unsecured corporate Wi-Fi hot spots, the effective encryption of data in transit and the need to have backups of backups to mitigate the impact of data being wiped.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Keeping our changing environment secure
August 2019 , Editor's Choice, Security Services & Risk Management
For a crime to take place there needs to be a victim and a criminal who sees an opportunity. For a cybercrime to take place we need the same set of circumstances.

Augmented security with drones
August 2019, Drone Guards , Editor's Choice, Integrated Solutions
Drone Guards is moving into an untapped market of using drones to secure residential estates and other high-value assets such as mines, farms and commercial properties.

The importance of real security risk assessments
August 2019, Sentinel Risk Management , Editor's Choice, Security Services & Risk Management, Residential Estate (Industry)
Andy Lawler, MD, Sentinel Risk Management, says a security risk assessment is an onerous task, but is not something estates can consider optional or a luxury item anymore.

Risk assessment or product placement?
August 2019, Technews Publishing, Alwinco, SMC - Security Management Consultants , Editor's Choice, Security Services & Risk Management, Residential Estate (Industry)
Hi-tech security solutions asked a couple of experts to provide estate managers and security managers with some insights into what a ‘real’ risk assessment includes.

How far are we really at with artificial intelligence?
August 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, IT infrastructure, Residential Estate (Industry)
Justin Ludik unpacks exactly how far AI has come and what it potentially can do for society and more importantly, surveillance.

The importance of effective perimeter security
August 2019, Elf Rentals - Electronic Security Solutions, Stafix , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Residential Estate (Industry)
Protecting the perimeter is critical for any residential estate; how does one go about making sure your perimeter is as secure as possible?

The hidden claws of proof of concept
August 2019 , Editor's Choice, Integrated Solutions
Proof of concept is a proven methodology for testing new technologies, but it isn’t perfect, and it can be more of a hindrance than a help.

Inundated with cyberattacks from all directions
August 2019 , Editor's Choice, Cyber Security, Security Services & Risk Management
IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up-to-date technology.

Cyber tools and solutions
August 2019, Technews Publishing , Editor's Choice, Cyber Security, IT infrastructure, Residential Estate (Industry)
Hi-Tech Security Solutions looks at the various options we have when it comes to protecting yourself from the ever-growing scourge of cybercrime?

Improving safety at healthcare facilities
August 2019, Active Track , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Healthcare (Industry)
Active Eye transforms 2 MP IP cameras into virtual employees or controllers who are permanently on duty managing your healthcare facility.