Not all managed security services are created equal
Do you really know where your threat intelligence is coming from?
Increasing recognition of the value of managed security services (MSS) has ignited spending in the sector, with managed services and cloud solutions seen as critical elements of a complete security vision. Yet without an effective threat-intelligence feed, even the best MSS solution is leaving networks unprotected.
That’s a hard realisation for companies that have accumulated enough individual security solutions over the years, and feel that their security portfolio is both broad and deep enough to protect them.
Such companies continue to believe that they can spend their way to total information security: IDC, for one, recently predicted that security-related services would be the largest ($US40.2b or $A55.9b) category of security spending worldwide.
The firm also expects the category’s 11.9 percent compound annual growth rate will see it expanding faster than any other security market segment – to the point where, by 2022, half of all security spending will be on security services, and half of that spending will be on MSS offerings.
"Security remains an investment priority in every industry as companies seek to protect themselves from large scale cyber attacks and to meet expanding regulatory requirements," noted Eileen Smith, IDC program director for Customer Insights and Analysis.
"While security services are an important part of this investment strategy, companies are also investing in the infrastructure and applications needed to meet the challenges of a steadily evolving threat environment."
Given that changing threat environment, however, it’s important to understand that not all MSS offerings are the same – and to choose an MSS that changes with the times. Failing to do so may leave companies unprotected, even when they think they’re all set.
Architecting for security
Like any managed offering, to be most effective managed security services must be wrapped into the broader context of the enterprise operating environment – including elements such as its network, data centre, and cloud architecture.
Supporting threat-intelligence services need to be equally context-aware, with data drawn from a range of third-party and open-source feeds that are and cross-correlated to reduce false positives and increase the relevance of its results.
Because it is built on a global IP network that carries nearly 40 percent of the world’s Internet traffic, NTT Communications is uniquely positioned to support customers with a real-time threat intelligence architecture that reflects the threats that are actually threatening businesses at any given point in time.
The value of this real-time view cannot be overstated. Continuous analysis of network traffic delivers an unparalleled real-time threat intelligence capability that is both relevant and actionable – providing a real competitive differentiator for NTT Communications’ MSS offering.
With 16 years’ experience delivering managed security services, NTT’s threat-intelligence capabilities feed into a broad range of consultancy, architecture, security and cloud services built around NTT’s global IP network, 10 security operations centres (SOCs), seven R&D centres, and a global network of more than 140 secure data centres.
Working together, those facilities offer clients in Australia, and around the world, comprehensive MSS capabilities backed by a unique global data set.
If the service fits...
Ultimately, the promise of managed security services and cloud-based security lies in its ability to free businesses from the need to do everything themselves. That pressure has become even more complicated with worsening ICT and security skills shortages, since businesses often can’t even find the right staff to support this work themselves.
By factoring the right managed services into their network mix, businesses can benefit from integration of automation and other services into their daily workflow – improving their performance and effectiveness even as they pursue ambitious digital transformation agendas.
The further addition of threat-intelligence capabilities increases efficiency by allowing NTT Communications to rank and prioritise threats as they emerge. Fewer false positives ensures that overworked ICT and security staff won’t be engaged unless absolutely necessary.
Enhanced in this way, MSS can also provide invaluable support for new compliance and governance requirements that impose significant penalties for organisations that fail to adequately protect their sensitive data and networks.
As operational environments sprawl across hybrid IT and cloud environments, traditional services including network design and infrastructure maintenance are being supported by more proactively delivered hybrid cloud architectures, security services, unified collaboration, identity and access management (IAM), and more.
Better threat intelligence can also speed response times by helping MSS capabilities work in conjunction with software-defined networks (SDNs) and WANs (SD-WANs). These flexible architectures provide better control over network configuration and parameters, improving visibility of network activity that can be invaluable in spotting and shutting down security compromises as they happen.
Software-defined architectures go hand in hand with automation technology, which is emerging as increasingly sophisticated services deliver on its promise of empowering businesses to better manage their networks in the face of continuing cybercriminal attacks.
As threat-intelligence techniques continue to improve, security services will increasingly leverage technologies like big data, analytics, machine learning, and artificial intelligence to better comb through large volumes of network activity and security-related data – and extract outliers that can dramatically accelerate the detection and response to cybersecurity incidents.
Informed by real-time threat-intelligence feeds, software-defined security architectures can proactively react to global outbreaks, monitoring or shutting down suspicious activity long before it has a chance to affect a company’s network.
Having such an effective real-time capability requires visibility into global Internet traffic that few service providers can even contemplate. This capability reflects the increasingly important role that managed security and other services are playing in helping companies transform themselves. Take the time to find a solution that fits many of your needs, and you’ll be able to pivot more effectively into the future with the confidence that effective, scalable and well-managed security provides.
Learn more about NTT Communications’ cybersecurity solutions and services: https://www.nttict.com/services/ict-security/