Thursday, March 28, 2024

The Rise and Rise of Cybersecurity Services

If there’s one trend which can match the extraordinary rise of cybercrime in the last decade, it’s the way that cybersecurity defences are rapidly being turned into something which can be bought as a service. As with previous software expansions – the move to online and cloud applications, for instance – this is being driven by a mixture of technological capability, business need, and deeper changes in business models in an era of digital transformation.

For years, the dominant model was to build cybersecurity in-house as a do-it-yourself operation. This gave organisations control over technology but at a price: there was a need for constant investment as well as integration of new technology systems as these appeared. Over time, this bred complexity, which has had negative consequences down the line for cybersecurity as organisations struggle to close gaps between products from different generations.

As cyberattacks have gone from a general business risk to something more acute, complexity has combined with this trend to drive up costs and has led to a shortage of skills as experienced personnel have become hard to hire. It was these factors which fueled the need for cybersecurity services companies. At a stroke, this allowed whole industries to solve the problems of complexity and unpredictable cost by using a third-party supplier.

Today, the market has seen such a huge expansion that the question is less which types of cybersecurity can be offered as a service than which can’t. So far, the answer is that anything can be turned into a service if the market will pay for it.

One recent estimate by analyst Grand View Research is that in 2020 the global market for cybersecurity services was worth almost $92 billion, which will grow at a compound annual growth rate of 10.2% to reach $193 billion by 2028. Almost three quarters of this was professional services, which includes business support, technical management services, consulting and training, and incident readiness and response services (which also covers established services such as penetration testing, forensics, red teaming, bug bounty management, and vulnerability assessment).

The remaining quarter includes managed support provided by managed security services providers (MSSPs) and more recent developments such as managed detection and response (MDR). These sectors are not always mutually exclusive, and a new sector of companies is emerging which provides both professional and managed services under one roof.

At first this seems unlikely – professional services such as training, penetration testing, and post-incident forensics would usually be thought of as distinct from managed security as a service of the sort offered by an MSSP. However, it’s also possible that demand for one is driving demand for additional services, in which case consolidating them in one provider makes complete sense.

Interestingly, cybersecurity services companies are not necessarily immune from some of the problems that caused them to boom in the first place, especially when it comes to skills. IT skills have been in short supply since at least the networking boom of the 1990s, but this is doubly so in cybersecurity, where there remains a gap between qualifications and hands-on experience under real-world conditions.

Organisations looking at cybersecurity services need to assess this hidden element of the sector carefully. All providers will hire staff with experience of penetration testing, training, and incident forensics. However, the skills needed in an emergency – in the event of a ransomware attack, say – will still rest on previous experience of this type of event.

A question mark hovers over how quickly managed services will grow. The crunch point here isn’t the idea of managed detection, which has been around for years, but the capabilities of incident response. Logically, the two work best when one entity looks after both sides of this part of cybersecurity defense because handover to a separate department or organization is always going to slow response. 

Gartner predicts that by 2025, half of organizations will be comfortable enough to allow third-party MSSPs to handle response, cleanup, and forensics in one cycle, up from 15% today. That prediction will still depend on how much innovation service providers will be able to push into their expanding MDR platforms, which themselves are built atop a plethora of tools and cybersecurity platforms.

The first generation of cybersecurity vendors emerged from the networking industry of the 1990s while the second generation emerged as startups, some of which merged with large, former networking vendors. Cybersecurity consisted of numerous, poorly integrated niches. Perhaps the new wave of cybersecurity services will eclipse this economic model and become giants in and of themselves. If so, this sector could eventually dominate the whole cybersecurity sector as all cybersecurity becomes a service in one form or another. 
