What is Security-as-a-Service (SECaaS) and why you need it – BIT

While Australian IT chiefs face mounting pressure on issues like application performance and customer experience they must also contend with an escalation in threats from those who are simply looking to steal, damage, disrupt, or embarrass. According to the latest statistics from the Australian Cyber Security Centre (ACSC), Australia has seen a dramatic rise in cybercrime activity. Between July 2019 and June 2020 approximately 60,000 cyber-attacks were reported in Australia – an average of 164 per day, or one every ten minutes.
Whether an enterprise has a separate CISO or looks to the CIO on security issues, organisations still must find ways of fulfilling their compliance obligations amid a sea of complexity brought about by COVID migration. Thousands of employees working on home devices of unknown pedigree present a risk, as does the presence of multiple domains through which sensitive data travels, en-route from the datacentre to the unvetted endpoint and back again. IT leaders and business stakeholders are confronted with costly paths to adequate security, with no guarantees that they have the inhouse skills to manage these solutions.
Enter Security-as-a-Service (SECaaS) — the increasingly popular solution to modern resilience. Businesses can outsource the security function to a trusted partner while retaining granular control of IT policy and business operations. And for a country with economies that are majority-SME, the SECaaS proposition is particularly alluring. Even before COVID struck, smaller businesses were continually looking for ways to streamline their business models for cost effectiveness and operational efficiency.
I would however be remiss if I didn’t point out that while a business can outsource responsibility to a third party for carrying out cybersecurity activities, it cannot, and should not, outsource the related accountability.
Get the latest business tech news, reviews and guides delivered to your inbox.
There is so much to think about for the IT team that looks after Web and mobile platforms; remote workers and their unpatched devices; multiple network environments, many of which they do not own; and possibly DevOps workflows, with all their attendant code changes and cloud-native requirements. Add to that, the skills shortage — this year, an estimated 3.5 million cybersecurity jobs around the world will be unfilled.
SECaaS delivers not only the right technology but a ready-skilled team of professional threat hunters that are well-versed in the issues surrounding the protection of data, networks, endpoints, and applications. In addition, they have spent decades studying the behaviour of bad actors and have a keen sense for how they think and what they will target. These professionals deliver a 24/7, year-round security operations centre (SOC) to SECaaS customers at a fraction of the cost it would require for those enterprises to build their own.
SECaaS is cost-effective; it allows customers to subscribe to a service that is continually improving — through the latest tools and intelligence — rather than buying an asset that requires time-consuming maintenance and eventual replacement. With SECaaS, third-party experts are active on Day One and in-house security teams’ workloads are diminished and rationalised. By outsourcing tasks such as monitoring, vulnerability management, threat detection, remediation, detection, and response to external teams equipped with the industry’s most advanced tools, inhouse specialists can devote their time to chasing down the most advanced threats.
SECaaS is also scalable, allowing instantaneous protection of new applications, databases, and workloads. It provides peerless visibility through rich dashboards, delivering confidence to CISOs that their security partner is operating effectively. And the partner will also raise non-trivial alerts in real time for inhouse teams to action.
In addition, SECaaS providers offer continuous assessment of threat postures, suggesting alternative best practices, tools, and policies as new intelligence arises. From endpoint protection, detection and response to security information and event management (SIEM), SECaaS providers integrate themselves, benignly, into a customer’s operations, advising on the best course of action regarding every aspect of security, from prevention to business continuity.
The provider’s disaster recovery plans — from cyber incidents to natural phenomena — should be subject to thorough scrutiny, as should its vendor partners. Organizations considering SECaaS should also ensure that the provider and their vendor partners are able to package their offerings in a way that delivers the flexibility and futureproofing that the customer seeks. Such offerings should also compare favorably with others in the market when it comes to cost of ownership.
SECaaS migration has been gaining momentum in the region because business and IT stakeholders are starting to recognise its benefits. In the wake of COVID, as enterprises contemplate resilience in the context of continuing compliance, the model will make more and more sense. In the face of overwhelming threat escalation, growing IT complexity, and persistent skills gaps, SECaaS is, quite simply, a smart way forward for most organizations.
Walter Manyati is Director ANZ at Qualys.