Many companies have no form of cybersecurity. They are just waiting to be attacked. Speaking about cybersecurity, Gartner analyst, Avivah Litan told Computer World, "Companies are worse off by 100% compared to ten years ago because the world is more complicated now."That's not good news. The cybersecurity threats are growing and the resources are static. Every day we hear about international cybersecurity threats, not just to businesses but to our nation, our economy, and our defenses. Does the recent WannaCry ransomware attack ring a bell? Our way of living is threatened, not to mention billions of dollars are at stake. Yet, we don’t hear much about increases in resources to combat the problem.
We live in an anywhere, anything, anybody, 24x7, digital world powered by networks, whose reliability and security we question has become more critical than ever. This has led experts to suggest to small to mid-sized business that they move to a security as a service (SECaaS).
Some say that by 2020, 85 percent of large enterprises will use a cloud access security broker solution for their cloud services, up from less than five percent in 2015. Others note that 80 percent of organizations’ IT budgets will be dedicated to cloud computing services within the next couple of years with security-as-a-service accounting for the second biggest piece of spending (79%). Experts say this could lead to a SECaaS market that exceeds $8.5 billion.
Forrester's "Market Overview: Managed Security Services" report estimates the size of the SECaaS market to be more than $4.5 billion, which includes software-as-a-service and outsourced security offerings. The top 20 vendors hold about 80 percent of market share, led by IBM, Symantec, BT, HP, and Verizon Business, according to the report. None of those companies holds more than ten percent of the market.
We can easily understand why SECaaS is growing. In addition to offering a portfolio of prevention, detection, and resolution services, SECaaS offers email encryption, security information and event management, identity and access management, data loss prevention, and disaster recovery.
SECaaS is easy on the budget, relatively speaking. It can be managed in the cloud or by a MSP, like Vology. SECaaS pros have the expertise and experience to keep companies safe and, of course, they stay right on top of the most recent developments and updates.
Outsourcing security is an excellent choice. Companies can shift their responsibility for their organization's protection to a supplier, but the buck still stops with them. They'll still have some worries, such as who's responsible versus who's accountable, regulatory challenges, the increasing speed of changes impacting all aspects of an organization, and the agility required to keep up with those changes, as well as advances in technology and new approaches like network segmentation and micro-segmentation.
Companies are looking at any option that might help them mitigate their risks. Network segmentation (i.e. zoning and micro-segmentation) and software-defined security (SDS) are getting close looks. They are not new, but companies know that they can split networks into logical subnetworks with the spread of software-defined networking. They can tailor security policies for each segment and lessen the risk of breaches spreading.
In these days of accelerating risks, companies are not asking themselves if they should use security as a service but when. They will still have ultimate responsibility and accountability, but they will also have security.