Editorial

Organisations facing mounting security challenges look to outsourcing

Jeremy Hendy, CEO of Skurio on why now is the time organisations should consider outsourcing their cybersecurity

Posted 16 June 2021 by Christine Horton


Although light has finally appeared at the end of the pandemic tunnel, organisations still face major security challenges in the months ahead. With budgets stretched and skilled cybersecurity staff hard to find, IT leaders are in search of smart ways to plug the security gaps, keep pace with the complex threat landscape and improve their cyber resilience.    

This need has never been greater. Demand for security practitioners has long outpaced supply, so the option of adding to headcount by recruiting in-house security staff is now too expensive for most organisations. For those that already have dedicated, in-house security specialists, workloads have increased to such an extent that outside help is needed.  

As a result, more leaders have turned to outsourcing to help manage costs and access the vital security services they need. The pandemic has provided a catalyst for change and, as organisations navigate their way through the next post-lockdown phase, they will rely on trusted partners who can support them through all the security challenges that lie ahead.

Why is outsourcing security so important?

2020 was a year like no other, with organisations forced to tackle new cybersecurity threats. With digital transformation projects fast-tracked and remote working becoming the norm, the cyberattack landscape looks considerably different to pre-pandemic times. Cyberattacks have evolved and now occur with such frequency that, according to the most recent DCMS Cyber Security Breaches Survey, almost half of all businesses,46 percent, report having cybersecurity breaches or attacks in the last 12 months. 

The challenge of protecting against these attacks is compounded by the cyber skills shortage. The difficulty in hiring and retaining skilled staff is one of the biggest issues facing security leaders and scarcity is driving up costs. One report has found that nearly half of UK businesses lack the basic skills for essential daily security tasks and that around 30 percent of them have more advanced skills gaps.

Outsourcing essential cyber services to a third-party provider can help mitigate these risks, at the same time enabling teams to concentrate on their core activities. It’s estimated that around four in ten businesses now have an external cybersecurity provider and that outsourcing is most common among small and medium businesses who may find they are priced out of the market when it comes to hiring skilled, in-house security staff. Outsourcing to external providers gives them access to the latest security technology, skills and strategic advice from trusted partners.  

Adding Value with Threat Intelligence

As the scale and cost of breaches rise, IT leaders are looking for providers that can offer more than just the basics in cybersecurity. Identifying threats outside the network perimeter is key and this is where partners can add real value. Partners providing more advanced threat intelligence and breach detection services can identify potential attacks and threats to critical data that exists outside the organisation’s network.

This has become more important as digital footprints expand and digital transformation programmes accelerate. Organisations now operate at the centre of a growing supply network that can extend to hundreds or even thousands of other businesses. Cyber attackers often target suppliers and partners and avoid an organisation’s security measures, so they need to be aware of their digital supply chain as well as their own IT estate.

The key to mitigating these risks is monitoring for and gaining visibility of data that has been leaked or breached. This could include data that was stolen in a previous breach that went undiscovered or data that was stolen from a third party such as a supplier or partner. Monitoring external sources, including deep and Dark Web forums puts organisations on the front foot in mitigating and responding to attacks. Dark Web threat intelligence provides a vital early warning system so action can be taken faster to minimise any disruption or data loss.

This intelligence empowers business to minimise the financial and reputational impact of data falling into the wrong hands. A breach can damage customer trust, resulting in lost business as they go elsewhere. It’s a position that no business wants to be in, particularly with the cost of recovery from a major data breach now put at, on average, £2.9 million.  GDPR fines have now also started to bite as regulators crack down on organisations that are not taking steps to protect personal data. The ICO collected some £39.7 million in fines for data protection violations in 2020.

With access to the latest threat intelligence out of reach for all except the largest enterprises with the largest budgets and full in-house security teams, there are real opportunities for providers to capitalise on this burgeoning market. The latest breach detection services are affordable and accessible to organisations of all sizes.

By equipping organisations with the ability to proactively detect and respond to external threats channel partners can arm customers with access to the latest innovative technology, giving them a major advantage in keeping safe and secure.

Jeremy Hendy, CEO of Skurio