The growing number of cybersecurity incidents and wave of data privacy laws and regulations combined is behind the current boost in demand for cybersecurity. Consider a recent survey from management consulting firm McKinsey that forecasts a 13% annual increase in cybersecurity spending through at least 2025.
The challenges are clear. At this breakneck pace, how do security practitioners ensure they spend their cybersecurity budgets wisely? And with the competition for cybersecurity talent, how do they attract and hire the talent necessary to get the job done? For many enterprises, the answer is increasingly clear: outsourcing.
The 2022 Deloitte Global Outsourcing Survey found that only 52% of the executives Deloitte surveyed feel their organizations are adequately prepared to defend against today’s security challenges. That underlying discomfort with the status quo is perhaps why 81% of executives say they use outside vendors to fulfill their cybersecurity demands. Simiarly Dark Reading’s recent report, Outsourcing Security Without Inviting Risk and Wasting Money, we interviewed security leaders who indicate that the difficulty for most enterprises isn’t deciding whether to outsource; it’s deciding what to outsource and how to do it cost-effectively while capturing the most risk reduction for their business.
Check out what dozens of experts had to say regarding what enterprises must do now to successfully outsource cybersecurity functions without inviting increased risk or wasting money. For instance, Barry Keaton, director of managed defense at Google Cloud, says organizations must evaluate their internal resources today and determine if outsourcing is a viable way to fill gaps.
Organizations should ask themselves the following questions: Does the organization have the necessary expertise to monitor and investigate alerts and proactively hunt for attackers across the organization? Does the team have the insights to understand which threats matter most and prioritize response effectively? And is the cybersecurity stack modern and scalable enough to keep up with new and emerging threats?
Keaton and others explain how enterprises must balance cybersecurity costs, scalability, and the level of control desired against their in-house resources. They should also look for strategic areas where outsourcing can save money and improve security outcomes. The key is learning how to balance high-priority and sensitive cybersecurity initiatives that may be better served in-house while turning to service providers offering specialized services and outperforming staffers.
About Author
