< ? php //If there is analytic campaign data, attempt to get the campaign_guid from that cookie if ( 1 === preg_match( '/pk10mkto-([0-9]+)/', $_COOKIE[ '__utmz' ], $match ) ) { $campaign_guid = $match[ 1 ]; } ?>

Managed Security Services Rise to the Challenge


Years ago the technology consultants at Yankee Group forecast that overall spending by large enterprises for managed IT security services would increase from $140 million in 2000 to $1.7 billion by 2005. That jump in expenditures was indicative of a shift in how companies were approaching IT security, with an increasing number of them moving from in-house control to third-party vendors. After all, what company wasn’t attracted to the idea of an affordable, efficient solution that allowed IT staff to focus on core business goals while security experts focused on security?

Now more than a decade later, Gartner predicts that the managed security services market will make a substantially bigger leap ─ from $12 billion in 2013 to more than $22.5 billion by 2017.  Even the US government, which knows about data privacy breaches (does the name Snowden ring a bell?), is expected to up its IT security budget from $5.9 up to 7.3 billion by 2017.
These increases, however, do not simply reflect a continued migration to outsourced IT security for economic reasons or a desire to free up staff. Rather, there are several drivers at work making managed security services more attractive ─ and increasingly necessary.

New Technologies, New Attacks

Organizations today are facing tremendous pressure both from the attack landscape and in the form of compliance mandates. The cloud, social media, bring your own device (BYOD) and other trends, technologies and communication platforms have increased the attack surface, creating an ever-widening gap in protection that cyber criminals are using to attack companies of all sizes. Cyber-threats have become so damaging and attacks so pervasive that legacy perimeter- and signature-based security controls are often ineffective, and many organizations are finding themselves outmatched.

At the same time, there is a significant skills shortage across the IT industry. It is becoming more difficult to find skilled employees to protect a company’s IT assets against threats that are growing in complexity and maliciousness.

Compliance Ups Security Requirements

Compliance requirements are also driving many organizations to outsource IT security to help meet their regulatory obligations. A number of agencies and government entities are putting more stringent, often complicated security requirements in place, and many are threatening increased financial penalties for noncompliance ─ or worse.

Meet Security and Compliance Needs

IT infrastructure solutions providers and managed services companies (Peak 10 and its technology partner SilverSky, among them) are responding with new technologies and more advanced services, leveraging big data and analytics to become more adept at managing existing and emerging threats. Smart companies that understand the importance of leading-edge security for their IT assets are making managed security services a priority item in their budgets. So what are the services they are requesting and what is most needed?

While the choice of managed IT security services varies based on each individual organization’s needs, these are some of the most common and what Forrester Research refers to as the core set of services that top managed services providers should offer:

  • APT detection and remediation
  • Identity and access management services
  • Distributed/denial of service (DDoS)
  • Log management, monitoring, and archive
  • Email filtering (spam, AV, etc.)
  • Network intrusion detection/protection systems management
  • Server patch management Emergency response services
  • Endpoint antivirus SIEM (security information and event management)
  • Endpoint patch management
  • Threat intelligence
  • Firewall management
  • Vulnerability testing
  • Governance, risk and compliance consulting
  • Web application firewall
  • Web application monitoring
  • Host intrusion detection/protection system

In addition, some companies are also offering packaged compliance solutions to help ease the burden on organizations that must meet specific regulatory requirements.  Among them is Peak 10, which offers both a PCI and HIPAA compliance bundle as well as its PCI- and HIPAA-compliant clouds.

Make no mistake. The managed security services industry is growing exponentially because there is a need for those services.   Isn’t it time you figured out what you need?  For more information on security, be sure to check out these resources from Peak 10 (which, by the way, offers all the services listed above.) And look for a future blog and how to assess the various managed services and managed services providers out there.

Bartlett, Michael. “Security Worth $1.7 Bil by 2005 – Yankee Group.” May 22, 2001.http://www.newsbytes.com/news/01/166005.html?&_ref=1745144517

Fine tune your content search

About Peak 10

"Our values are the foundation for everything we do at Peak 10, and are ultimately what enable us to earn our customers' business and their trust."
David H. Jones,
Board Member, Peak 10 + ViaWest