This guide was designed to provide important considerations for CISOs (and security teams) faced with the decision of whether to tackle security initiatives in-house or outsource to a managed security service provider.
1. Make vs. Buy: The CISO's Guide to
Evaluating Managed Security Services
2. About the CISO’s Guide to Evaluating Managed Security Services
This guide was designed to provide important considerations for CISOs
(and security teams) faced with the decision of whether to tackle security
initiatives in-house or outsource to a managed security service provider.
3. On-Premise or Managed Security Services?
Adjustments are required so that organizations can focus finite
resources on their highest priorities.
Data security and testing is a regulatory requirement for many
organizations.
Few CISOs believe they have sufficient security resources for the
growing threat environment, and applying these resources to
their highest priorities is critical.
Experienced CISOs will look for alternatives to achieve internal
goals while managing budgets and overhead.
4. Security as a Service
Security as a Service has become a popular option for
augmenting internal security resources.
Security software offered as a managed security service
allows organizations to take advantage of the product
and security expertise of vendors to deploy, manage,
and monitor solutions.
This practice can accelerate time-to-value of security
investments, improve enterprise security, and reduce
overhead and capital budgets.
5. 5 Key Considerations When Choosing Between an On-
Premise Deployment vs. Managed Services
The next five slides will cover 5 important areas to consider when
making the “make vs. buy” security decision:
1. Security Resources & Opportunity Cost
2. Infrastructure
3. Performance
4. Domain-specific Expertise
5. Existing Vendor Security Controls
6. 1. Security resources and opportunity cost
The scarcest resource, even for those organizations with larger
budgets, is often skilled security practitioners.
Deploying those resources efficiently can be difficult, and
opportunity cost is often the most critical factor for organizations
considering managed security services.
Businesses with limited security resources often reason that
focusing those resources on security activities that require on-site
personnel is preferable to devoting those resources to activities
that can be safely outsourced.
7. 2. Infrastructure
Most on-premise software deployments require internal
personnel to learn how to operate and manage the new
software, stand-up servers and databases, and train users.
Inevitably, deployments include unexpected delays due to
the organization’s lack of familiarity with the tools.
Using a managed security service provider eliminates much
of the set-up time and costs.
A hybrid model is emerging: the vendor supplies and
manages the software used in the managed security
program, while the customer manages the infrastructure in
their own IT environment.
8. 3. Performance
Managing new software requires organizations to
educate IT and security personnel about how the
software works, deployment strategies, optimizing
configurations, and supporting end users.
In a managed service approach, professional
administrators and software experts manage the
application, monitor alerts, support end users, and
provide assistance when incidents occur.
• Often available 24x7x365, relieving individual
organizations from the task of recruiting, training, and
managing in-house personnel.
9. 4. Domain-specific expertise
Productivity increases with familiarity, practice, and experience.
For in-house deployments, the people running new applications
must go through the same learning curve.
Managed security service providers use employees whose sole
responsibilities are to deploy, manage, and monitor a specific
application.
Having product experts on call to help refine rules, deploy
advanced use cases, and respond to alerts or incidents results in
better value, faster.
10. 5. What security controls does the vendor have in place?
With the exception of hybrid managed security service
offerings, data must leave the premises for processing and
evaluation.
Managed security service providers should obfuscate data in a
way that allows effective analysis without the possibility of
revealing weaknesses if others view the information.
Specialization allows these hosting facilities to offer superior
services at a lower marginal cost.
11. Getting Started
o For organizations with available bandwidth and resources, or with
previous experience running the application in question, an on-premise
deployment makes sense.
o If faster value, lower IT overhead, and additional security expertise are
part of your needs, a managed service (or hybrid managed services)
offering can help.
o Learn more about how Digital Guardian’s Managed Security Program can
start protecting your data today:
Download the Digital Guardian MSP Technical Overview