Just because the application service provider market has not taken off does not mean that all ‘service providers’ are doomed. Far from it. The managed security services provider (MSSP) market will be huge and with good reason.
Quite simply, the heads of major organisations are fed up with the cost, complexity and sheer management headache caused by computer security. Banks want to be banks, they don’t want to be cryptography experts. Many organisations are now opting to give up the perpetual struggle and hire the expertise instead.
It is a problem that did not exist 10 years ago. Then, computer networks were closed and no company would ever have dreamt of connecting sensitive systems to a public network.
The Internet, of course, changed all that – not to mention the various extranets and ecommerce sites that invite customers and partners into a business’s private network. Just one wrongly configured firewall or web server, one un-updated anti-virus package, just one small weakness and the attackers are in and there is no limit to the harm that they can do.
Take the example of software giant Microsoft. All it took to break into Microsoft’s network was an employee who failed to keep his lap-top’s anti-virus software up-to-date and who foolishly opened a file he was sent. The file surreptitiously installed a ‘Trojan horse’ program that could read all the user’s key strokes, including passwords, thus giving
the hacker access to sensitive Microsoft systems. Worse still, the company’s lack of 24-hour monitoring meant that it was months before security staff at Microsoft found out that they had an intruder at large on their network.
What would have happened if it had been a bank? Well, Citibank should know. One of the largest financial services companies in the world, it was successfully broken into as long ago as 1995, losing more than $12 million (EU12.1m) in the process.
Yet since then, the threats to businesses have multiplied, according to Carnegie Mellon’s Computer Emergency Response Center (CERT). This is compounded by the inadequacy of the tools that companies have to defend themselves. IT staff have to punch holes in their firewalls every day in order to set-up new servers or provision new services. Yet no one checks to make sure they have done so securely.
The intrusion detection systems that are supposed to warn when nefarious activity is detected are more likely to sound false alarms and anti-virus software is often not updated because of the amount of work involved going from PC to PC, CD-Rom in hand.
Finally, there’s nothing that can pull it all together into one central console so that security staff can more clearly see when a concerted attack is being launched against their systems, let alone take evasive action as it happens.
MSSPs can help solve all these problems – and in real-time. Vendors such as Counterpane are developing proprietary software that takes and correlates event data from all these sources, as well as routers, operating systems and other important pieces of the corporate infrastructure. When that software sounds the alert, MSSPs can round up many more highly skilled staff to combat the threat as it happens – not weeks later during a routine examination of system log files. By then, it is too late.
Some organisations might initially be reluctant to outsource their company’s security. That is despite the fact that they are happy to outsource so many other facets of their IT department. But it is the story of superior coverage at a similar or less cost that will ultimately win the argument in the boardroom.