Now That Data Breaches are Unavoidable, Where Should You Get Your Security?

Matthew Eveleth
By Matthew Eveleth

August 9, 2018

Data breaches unavoidable? Whatever happened to cyber security and data protection? The short answer is that they are still both applicable, but their nature has changed recently. This is because what needs to be secured and protected has also changed. Today, effective security includes the assumption that data breaches, even if they are only small, are inevitable. If they are kept small and then eliminated, you win. If they grow to do major damage, you lose. If you use managed security services for your enterprise, the provider of those services must adapt to this new truth as well. And you’ll need to know how to pick a provider that meets your needs in the present, not one that is still living in the past.

The Perimeter No Longer Exists

Gone are the days when all the enterprise data was contained within a well-defined perimeter protected by firewalls, plus anti-virus software inside – just in case. That perimeter no longer exists. Employees with mobile devices and cloud data storage are two reasons why it’s gone. Add in social networks (professional as well as personal), and you can see the risk of company data ending up almost anywhere. Within that data could be account IDs and passwords enabling attackers to find their way into your corporate systems and the most sensitive of your information assets. Yesterday’s data security strategies relying solely on keeping bad actors out are no longer enough.

The Role of a Security Services Provider

For most enterprises and organizations, data security is of vital importance but not a core competence. The customers and business partners of an enterprise expect it to keep their data safe, but don’t necessarily expect it to have its own in-house security operations center. Managed security services providers started business on this premise. They saw an opportunity to offer paid security services, taking away a headache and allowing their clients to focus on their real businesses of retailing, manufacturing, hospitality, transport, or whatever.

How It Was Yesterday

Malware and other threats could be detected through rules and signatures. System and network log data could be collected and processed to detect anomalies, but if the service provider had correctly configured the firewalls and security parameters, anomalies were few and far between. As a by-product of that configuration, the service provider could also assess the client’s compliance with data security standards and regulations. More enterprising providers also offered information security awareness training. Otherwise, they could be contacted via their web portal if the client had questions and – exceptionally – via a real person if there was a real problem.

How It Is Today

Now, here’s the key question. If such security service providers started at a time when prevention was the only security game in town, how effective are they today when prevention (still important) is no longer enough? It should be clear that yesterday’s managed security services, the ones described above, are insufficient. Not only have the goalposts moved in terms of data storage, but cybercriminals have become significantly more advanced in their attacks. The smart ones know how to avoid conventional protection based on rules and signatures. And yesterday’s oh-so-obvious mass phishing attacks are being replaced by massively customized attacks, where each attack is specifically designed for each individual target.

What You Need to Know

If you use managed security services, it is essential to understand what those services do and whether they will adequately protect your organization. If you now want to know what your best route to security via a service provider is, read this white paper.

Tags: AI-Driven MDR, Gartner Security & Risk Management Summit, Managed Detection and Response


Matthew Eveleth

Matthew is the Regional Director for the US Mid Atlantic area, and is involved with client relationships and account management.