Tuesday, December 3, 2024
Homecyber securityThe Rise and Rise of Cybersecurity Services

The Rise and Rise of Cybersecurity Services

Published on

SIEM as a Service

If there’s one trend which can match the extraordinary rise of cybercrime in the last decade, it’s the way that cybersecurity defences are rapidly being turned into something which can be bought as a service.  As with other previous software expansion – the move to online and cloud applications for instance – this is being driven by a mixture of technological capability, business need, and deeper changes in business models in an era of digital transformation.

For years, the dominant model was to build cybersecurity inhouse as a do-it-yourself operation. This gave organisations control over technology but at a price: there was a need for constant investment as well as integration of new technology systems as these appeared. Over time, this bred complexity, which has had negative consequences down the line for cybersecurity as organisations struggle to close gaps between products from different generations.

As cyberattacks have gone from a general business risk to something that is more acute, complexity has combined with this trend to drive up costs and led to a shortage of skills as experienced personnel have become hard to hire. It was these factors which fueled the need for cybersecurity services companies. At a stroke, this allowed whole industries to solve the complexity and problem of unpredictable cost by using a third-party supplier.

- Advertisement - SIEM as a Service

Today, the market has seen such a huge expansion the question is less a matter of which types of cybersecurity service are offered as a service than which can’t be offered in this way. So far, the answer is that anything can be turned into a service if the market will pay for it.

One recent estimate by analyst Grand View Research is that in 2020 the global market for cybersecurity services was worth almost $92 billion, which will grow at a compound annual growth rate of 10.2% to reach $193 billion by 2028. Almost three quarters of this was professional services, which includes business support, technical management services, consulting and training, and incident readiness and response services (which also covers established services such as penetration testing, forensics, red teaming, bug bounty management, and vulnerability assessment).

The remaining quarter includes managed support provided by managed security services providers (MSSPs) and more recent developments such as managed detection and response (MDR). These sectors are not always mutually exclusive, and a new sector of companies is emerging which provides both professional and managed services under one roof.

At first this seems unlikely – professional services such as training, penetration testing, and post-incident forensics seem would usually be thought of as distinct from managed security as a service of the sort offered by an MSSP. However, it’s also possible that demand for one is driving demand for additional services in which case consolidating them in one provider makes complete sense.

Interestingly, cybersecurity services companies are not necessarily immune from some of the problems that caused them to boom in the first place, especially when it comes to skills.  IT skills have been in short supply since at least the networking boom of the 1990s, but this is doubly so in cybersecurity where there remains a gap between qualifications and hands-on experience under real world conditions.

Organisations looking at cybersecurity services need to assess this hidden element of the sector carefully. All providers will hire staff with experience of penetration testing, training, and incident forensics. However, the skills needed in an emergency – in the event of a ransomware attack, say – will still rest on previous experience of this type of event.

A question mark hovers over how quickly managed services will grow. The crunch point here isn’t the idea of managed detection, which has been around for years, but the capabilities of incident response. Logically, the two work best when one entity looks after both sides of this part of cybersecurity defense because handover to a separate department or organization is always going to slow response. 

Gartner predicts that by 2025, half of organizations will be comfortable enough to allow third party MSSPs to handle response, cleanup, and forensics in one cycle, up from 15% today. That prediction will still depend on how much innovation service providers will be able to push into their expanding MDR platforms, which themselves are built atop a plethora of tools and cybersecurity platforms.

The first generation of cybersecurity vendors emerged from the networking industry of the 1990s while the second generation emerged as startups, some of which merged with large, former networking vendors. Cybersecurity consisted of numerous, poorly integrated niches. Perhaps the new wave of cybersecurity services will eclipse this economic model and become giants in and of themselves. If so, this sector could eventually dominate the whole cybersecurity sector as all cybersecurity becomes a service in one form or another. 

Latest articles

PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts

Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated...

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms

Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target...

Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration

wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By...

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Shut Down Phishing Attacks -Detection & Prevention Checklist

In today's interconnected world, where digital communication and transactions dominate, phishing attacks have become...

Why the MITRE ATT&CK Evaluation Is Essential for Security Leaders

In today’s dynamic threat landscape, security leaders are under constant pressure to make informed...

Firefox 133.0 Released with Multiple Security Updates – What’s New!

Mozilla has officially launched Firefox 133.0, offering enhanced features, significant performance improvements, and critical...