OCTOBER - NOVEMBER 20259EUROPEEUROPEi.e. providing external parties with access to sensitive information or having to modify processes to let external experts in. Such an approach would be justified and especially crucial if MSS interactions clash with core business activities or become too noticeable. In addition, Internal Security Services may be also tied with different functions or processes across the organisation. But even then, specific MSSs are still being delivered to address niche areas not covered internally yet or where there's no will to maintain them internally. At the end of the day we are still left with residual risks to be mitigated - potentially with tailored, sophisticated services delivered by specialised MSSPs. Establishing a successful serviceApart from operational model delivered by internal or by MSSP, Security team shall be the first to know infrastructure perimeters, onboarded cloud services as well as all integrations and interconnections with third parties to secure it from day 1. It shall be also clearly stated what information, systems and processes are most criticaltoallow the service to be aligned with business needs. Such a configuration puts SOC in a great place to become an orchestration platform for other internal and external services. For instance, Software Development Life Cycle (SDLC) with application code reviews, application assessments or even security related training for developers could be one of many cherries on the cake. Another great example is DDOS protection required constantly but used occasionally against actors who are about to paralyze our connectivity or services. 'Everything is perfect, but there is a lot of room for improvement.'Considering engagement with MSSP and its perfectly crafted services we can expect protection within strictly agreed boundaries and processes; no more, no less. What if we would like to accompany it with other contestants' services? Could we expect to have it managed in a similar way as by an internal/central team? There could be a bit more space for service flexibility and customizations. How about disrupting the status quo, moving away from the typical closed siloes model to one that would be more open to collaboration? Improvedinteractions across MSSPs could bring a breath of fresh air. Transparency that is being celebrated by open source would uncover weaknesses andincrease healthy competition.Service flexibility and orchestration opportunities surely could bring more business trust and appetite for MSS.The summaryIt is often a question if MSSP is the best solution for organisation at the time or may be security department is justified already. On the other hand, hybrid configuration may be worth consideration to ensure security and flexibility at the same time. The decision-making mechanism is not much different from any other form of outsourcing, where at the end of the day (usually) time and money matters mostly.Nonetheless, let's keep recognizing cybersecurity threats, risks and strategy, not only as something attached to IT or Security team initiatives,butmake them applicable to the whole organization, from intern duties to boardroom processes. BCConsidering engagement with MSSP and its perfectly crafted services we can expect protection within strictly agreed boundaries and processes;no more, no less
< Page 8 | Page 10 >