Ensure Your Security Services Are Constant and Predictive

In Cyber Security Services: What’s in Store for 2018? we outlined our predictions for client priorities for cyber security services in 2018. Here we outline the services clients should prioritize to get the most relevant and useful cyber security services from service providers.

Consider security – always!

Security should not be a one-time concern for specific projects. Instead, it should be an important consideration at the beginning, middle, and end of project deployments. Even with this approach, you are never 100% secure as this is impossible to achieve. You should keep security near the top of your project consulting, implementation, and management services checklists; stay aware of your vulnerability to internal and external security threats; and have a robust plan to deal with any attacks that make it through the technical and personnel barriers. Enterprises can implement policies and procedures internally but partnering with a service provider can be beneficial as having access to the best talent and understanding dynamic market conditions can be a challenge.

Outsource security for the best guidance and security mix

The cyber security services market includes strategy and technical consulting, security solution and process implementation, and ongoing monitoring and management services of infrastructure and applications. Security service providers can therefore provide guidance across the security services lifecycle to enable enterprises to understand the issues, implement the necessary technologies and processes, and have a continuous monitoring program. Below, we outline a few of the most commonly available cyber security services delivered by providers.

Consulting services: These include a mix of technical and business-oriented services that ensure that you are aware of threats to your environment, that you align your security strategy to your business strategy, and of course provide relevant technical security consulting. Most security service providers deliver the following cyber security consulting services:

• Security awareness training
• Security strategy consulting
• Risk management and compliance
• Privacy GDPR consulting (e.g., GDPR)
• Identity and access management (IAM) consulting
• Digital transformation security consulting
• Education: product training and certifications
• Infrastructure security consulting
• Application security consulting
• Cloud security consulting
• Optimising security software: offered by some software providers, including McAfee and Symantec
• Ethical hacking and proactive threat hunting services
• Vulnerability scanning.

Security and privacy by design: Consider implementing security-by-design and privacy-by-design in all projects so that you do not have to retrofit security solutions and procedures post-implementation. Security should be one of the areas that appears on checklists before embarking on any IT services project, whether you manage the project in-house or use an external service provider.

Implementation services: This includes the implementation of security policies, procedures, and solutions that the consulting services have outlined to be necessary. Ensuring that everyone understands their specific roles, duties, and responsibilities to maintain security and that they effectively and quickly respond to threats is critical to long-term success. Ensure that your service providers place as much, or more, focus on these issues than they do on the implementation of security technologies.

Management services: These include standard ‘keeping the lights on’ management services and more proactive threat monitoring services. Service offering include:

• Threat readiness
• Threat detection
• Security monitoring services
• Managed device services
• Identity management services
• Managed application security
• Network threat detection
• Data protection and privacy management
• Compliance monitoring services.

Explore options: Ask your service provider to present the merit of all their managed security services offerings to ensure that you have not overlooked anything important. Ask the service provider to highlight the ones that are most pertinent for you—the ones that align specifically to your business requirements and security concerns. Finally, explore any flexible contracting options the service provider may offer. For example, DXC Technology offers a packaged Threat Monitoring service, which includes incident detection and response, security analytics, global threat intelligence feed, and proactive threat hunting services. This is often sold as a separate package to the full managed security services portfolio. This is important as it enables clients to access ongoing support services without committing to a full managed security service if they are not ready or do not have sufficient budget.

Ensure you take full advantage of the latest innovations in security and stay ahead of threats, rather than react to them

One of the advantages of using an external service provider for threat detection services is having access to their advanced solution investments that use leading-edge technologies. Always ask your service provider about their investments in proprietary technologies to understand the true value add you would achieve by contracting them. Service providers like EY and Wipro are exploring the use of machine learning and AI to provide threat intelligence, detection, and response, because people alone cannot keep up with the speed and nature of attacks. Exhibit 1 provides examples of some more service provider investments. It includes the use of machine learning and analytics to drive differentiation in the service provider landscape. Importantly, services like these offer clients important proactive threat intelligence services that are critical in dynamic business environments.

Exhibit 1: Service provider threat intelligence service investments

Source: HfS, June 2018

When selecting a cyber security service provider, ask them to present their innovations and investments in proprietary technologies. If you allow them to just present their standard security services portfolio, you risk receiving similar responses. Asking for the investments and use of leading technologies will help you clearly see the differentiators between the providers and identify which align best to your specific security services requirements.

Bottom Line: Make security a constant in all business activities involving technologies

Ensure that cyber security is a priority consideration when embarking upon all business activities involving technologies. You can contract a service provider to assess security across your IT environment, highlight vulnerabilities, and identify mitigating actions. While this is a useful periodic exercise, it is better to instead adopt a security-by-design approach from the outset rather than fill security gaps with policies, procedures, and technologies post-implementation. Evaluate service provider service offering investments, including their proprietary technologies and flexible pricing options. Enterprise investments in digital transformations will further highlight the need for a robust cyber security strategy. HfS will publish a cyber security services Blueprint Report in Q4 2018, in which we will analyse the capabilities and vision of a select set of cyber security service providers, to enable clients to understand offerings and facilitate selection.