Advanced SOC Operations / CSOC , Endpoint Detection & Response (EDR) , Governance & Risk Management
Completely Outsourced Security: A Bad Idea
Strategic Security Functions Must Remain In-house, Says Gartner's Sid DeshpandeOrganizations can effectively rely on managed security services providers to take care of many tasks, but certain strategic security functions must be handled in-house, says Siddharth Deshpande, research director at Gartner (see: MSSPs: Separating Myths From Realities).
Outsource specific security functions can prove useful, but some functions must be retained in-house, Deshpande says in an interview with Information Security Media Group (see: Working With MSSPs: Big Business and Security Upsides).
"The rule of thumb that we use at Gartner is: For things like incident response - which require a business decision to be made on behalf of the organization ... you can leverage service providers for specific parts of the process, but the ownership has to be in-house," he says. "Then things like data security and identity and access management are typically harder to outsource, because they require a lot of business context about the organization and require accountability on behalf of the people that are making decisions."
Commoditized services and routine activities, such as firewall management, can easily be outsourced, he says. Specialized tasks, such as threat hunting and managed detection and response, or MDR, which many organizations cannot manage cost-effectively on their own, are also good candidates for outsourcing, he adds (see: The New Demand for Managed Services).
In this audio interview (see player link below image), Deshpande discusses:
- The balance between in-house security functions and outsourcing;
- Tips for evaluating artificial intelligence solutions;
- Security challenges in the Asia-Pacific region.
As research director at Gartner, Deshpande advises technology providers and buyers on security-related topics. He also conducts research and is a frequent speaker at Gartner events and client events and workshops. His primary areas of focus are security market opportunity and growth projections, managed security services and CASBs.