Monday, July 22, 2024

The Rise and Rise of Cybersecurity Services

If there’s one trend which can match the extraordinary rise of cybercrime in the last decade, it’s the way that cybersecurity defences are rapidly being turned into something which can be bought as a service.  As with other previous software expansion – the move to online and cloud applications for instance – this is being driven by a mixture of technological capability, business need, and deeper changes in business models in an era of digital transformation.

For years, the dominant model was to build cybersecurity inhouse as a do-it-yourself operation. This gave organisations control over technology but at a price: there was a need for constant investment as well as integration of new technology systems as these appeared. Over time, this bred complexity, which has had negative consequences down the line for cybersecurity as organisations struggle to close gaps between products from different generations.

As cyberattacks have gone from a general business risk to something that is more acute, complexity has combined with this trend to drive up costs and led to a shortage of skills as experienced personnel have become hard to hire. It was these factors which fueled the need for cybersecurity services companies. At a stroke, this allowed whole industries to solve the complexity and problem of unpredictable cost by using a third-party supplier.

Today, the market has seen such a huge expansion the question is less a matter of which types of cybersecurity service are offered as a service than which can’t be offered in this way. So far, the answer is that anything can be turned into a service if the market will pay for it.

One recent estimate by analyst Grand View Research is that in 2020 the global market for cybersecurity services was worth almost $92 billion, which will grow at a compound annual growth rate of 10.2% to reach $193 billion by 2028. Almost three quarters of this was professional services, which includes business support, technical management services, consulting and training, and incident readiness and response services (which also covers established services such as penetration testing, forensics, red teaming, bug bounty management, and vulnerability assessment).

The remaining quarter includes managed support provided by managed security services providers (MSSPs) and more recent developments such as managed detection and response (MDR). These sectors are not always mutually exclusive, and a new sector of companies is emerging which provides both professional and managed services under one roof.

At first this seems unlikely – professional services such as training, penetration testing, and post-incident forensics seem would usually be thought of as distinct from managed security as a service of the sort offered by an MSSP. However, it’s also possible that demand for one is driving demand for additional services in which case consolidating them in one provider makes complete sense.

Interestingly, cybersecurity services companies are not necessarily immune from some of the problems that caused them to boom in the first place, especially when it comes to skills.  IT skills have been in short supply since at least the networking boom of the 1990s, but this is doubly so in cybersecurity where there remains a gap between qualifications and hands-on experience under real world conditions.

Organisations looking at cybersecurity services need to assess this hidden element of the sector carefully. All providers will hire staff with experience of penetration testing, training, and incident forensics. However, the skills needed in an emergency – in the event of a ransomware attack, say – will still rest on previous experience of this type of event.

A question mark hovers over how quickly managed services will grow. The crunch point here isn’t the idea of managed detection, which has been around for years, but the capabilities of incident response. Logically, the two work best when one entity looks after both sides of this part of cybersecurity defense because handover to a separate department or organization is always going to slow response. 

Gartner predicts that by 2025, half of organizations will be comfortable enough to allow third party MSSPs to handle response, cleanup, and forensics in one cycle, up from 15% today. That prediction will still depend on how much innovation service providers will be able to push into their expanding MDR platforms, which themselves are built atop a plethora of tools and cybersecurity platforms.

The first generation of cybersecurity vendors emerged from the networking industry of the 1990s while the second generation emerged as startups, some of which merged with large, former networking vendors. Cybersecurity consisted of numerous, poorly integrated niches. Perhaps the new wave of cybersecurity services will eclipse this economic model and become giants in and of themselves. If so, this sector could eventually dominate the whole cybersecurity sector as all cybersecurity becomes a service in one form or another. 


Latest articles

SonicOS IPSec VPN Vulnerability Let Attackers Cause Dos Condition

SonicWall has disclosed a critical heap-based buffer overflow vulnerability in its SonicOS IPSec VPN....

Hackers Registered 500k+ Domains Using Algorithms For Extensive Cyber Attack

Hackers often register new domains for phishing attacks, spreading malware, and other deceitful activities. Such...

Hackers Claim Breach of Daikin: 40 GB of Confidential Data Exposed

Daikin, the world's largest air conditioner manufacturer, has become the latest target of the...

Emojis Are To Express Emotions, But CyberCriminals For Attacks

There are 3,664 emojis that can be used to express emotions, ideas, or objects...

Beware Of Fake Browser Updates That Installs Malicious BOINC Infrastructre

SocGholish malware, also known as FakeUpdates, has exhibited new behavior since July 4th, 2024,...

Data Breach Increases by Over 1,000% Annually

The Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support...

UK Police Arrested 17-year-old Boy Responsible for MGM Resorts Hack

UK police have arrested a 17-year-old boy from Walsall in connection with a notorious...

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles