The start of a new year affords the opportunity to not only reflect on the past but also plan for the future.
You didn’t have to wait all that long to hear about the next data breach to be exposed. With names like Marriott, Under Armor, Orbitz, and of course Facebook, you’d be hard pressed to find a consumer whose life was not impacted this year by cybersecurity attacks.
Consumers are more sensitive than ever on how their personal information is managed. “Delete Facebook” was one of the most searched terms this past December, with countless news stories detailing step by step approaches to removing the app.
From my perspective, the unfortunate trend that continues this year includes the increased levels –both in terms of volume and sophistication—of cyber-attacks. With more data being created every day, there is more opportunity for criminals to exploit it. Increasingly, they are getting better at it every day. The surface area for potential attacks continues to grow as does the sophistication and related tools of those seeking to compromise the surface area.
The other significant trend that we can’t overlook is the massive shortage of cybersecurity professionals not just to resolve attacks as they occur, but also to identify and prevent them before they happen. New research released last year found that there is a shortage of 3 million skilled cybersecurity professionals worldwide.
Attacks are increasing in volume and sophistication at precisely the time when the needed skills to prevent them are decreasing. It is this combination that will result in the rise of the Managed Security Service provider in 2019.
Of course, MSSPs have always been important. For many customers, they are the first, last, and only line of defense from cyber-attacks. This new year will bring increased importance and focus on the role of the MSSP with an escalating number of customers.
“Cybersecurity.” “Security Analysts.” “Security Engineer.” Search LinkedIn or any other job boards for those skills and you’ll find tens of thousands of openings in your geography. There simply aren’t enough skilled professionals available to meet the growing demand for security experts.
MSSPs will play a leading role in solving this problem by creating the next generation of Security Operations Center. These centers will combine the best AI tools for threat hunting with the best cybersecurity talent and will offer economies of scale that will make the best available skills available to more customers.
These Centers will create a new model that combines top threat hunting skills with industry leading threat hunting tools to deliver proactive threat hunting capabilities as a service. They will become attractive alternative to hiring specialized professionals while tapping into expertise across a broader range of infrastructures.
With the right talent, MSSPs will advance the use of AI technologies that enable proactive threat hunting. Key areas will include:
Active Learning to reduce the number of false positives generated by most AI tools. Analyst feedback will be incorporated into the learning process and applied to future, n similar alerts. Threat hunters will make platforms smarter and more efficient over time.
Enterprise Scale. MSSP will ingest data from a growing number of sources and can use those findings to benefit more than just a single customer.
Contextualization. With the right software and skills, MSSPs will build on the results of AI, machine learning, and behavioral analytics by making the data more consumable and understanding risk thresholds based on context. This helps assemble and interpret the signals needed to hunt and assess threats faster and with high precision.
Flexible Architecture. MSSPs will deliver capabilities on the cloud or on-premise, based on customer preference.
We know from history that the number of potentially devastating cyber attacks will continue to grow. We also know there is simply not enough of the right skills available in the market for every company to solve these problems on their own. This will be the year MSSPs address this issue head-on and become an invaluable resource for a growing number of organizations constantly under attack.Rick Costanzo is CEO of RANK Software, an AI security platform provider.