As part of a concerted effort to improve their overall cybersecurity posture, most organizations are now moving towards building a true zero-trust IT environment. After years of pursuing a hodgepodge approach to IT, organizations are starting to realize that a more comprehensive approach to securing IT environments is now an absolute requirement, especially as they begin to embrace digital business transformation.
As exciting as digital business transformation promises to be in enabling a wide range of new and exciting customer experiences, it also leads to more data being potentially compromised by cybercriminals than ever before.
A survey of 300 cybersecurity decision makers conducted by IDG Connect on behalf of Pulse Secure, a provider of software-defined tools for securing access to networks, shows a clear pattern starting to emerge. Nearly half of the respondents (48 percent) are improving endpoint security to limit access to corporate resources. A total of 46 percent are enhancing discovery, isolation, and access control within the context of an Internet of Things (IoT) application. Another 44 percent are fortifying network and cloud access visibility and resource segmentation.
All told, 91 percent of the survey respondents plan to increase spending on secure access during the next 18 months, with 30 percent anticipating that they will increase spending anywhere between 15 to 25 percent more. Best of all, from a managed security services provider (MSSP) perspective, 38 percent of respondents said they outsource secure access capabilities to MSSPs, with overall average usage increasing 10 percent by 2021.
Arguably, reliance on MSSPs is likely to be even greater as IT environments become more complex. A full 44 percent of respondents will employ local data centers and public clouds. Another 30 percent will use public and private clouds, while 26 percent said they will employ all three delivery environments.
As part of their efforts to make it simpler to better secure access to those environments, nearly half (48 percent) are willing to explore consolidating their access tools, while 56 percent have or plan to to pilot software-defined perimeter platforms over the next 18 months.
What actions should MSPs take?
Clearly, something profound is starting to occur in terms of access management that warrants further investigation on the part of managed service providers (MSPs). For example, the survey notes that 42 percent of the survey respondents are focusing on refining how they manage privileged account access. Most MSPs already know that most data breaches wind up being much worse than they should be simply because there were no meaningful privileged access management (PAM) processes in place.
Most MSPs should be able to make a simple business case for replacing all access tools organizations have deployed in favor of a service. Access management is one of those classic routine IT tasks that is almost always going to be more cost-effectively managed by a specialist. The truth is, most internal IT teams need to be focused on providing business value that goes way beyond simply acting as the equivalent of a digital security guard.
The opportunity presented now is that more organizations are aware they need to hire a service to guard their digital assets in much the same way they already contract services to guard their physical assets. The only difference is the digital security guard in the form of an MSP is consistently reliable in guarding the organization’s digital assets.
Photo: OleGunnarUA / Shutterstock