Cybercriminals are constantly developing their attack methods. For many companies, it is difficult or even impossible to keep up with their defenses. External experts can provide support.
Pilz, a German automation company, Xfab, a semiconductor manufacturer from Silicon Valley, KME, an international company from the metal industry: All three have annual sales of several hundred million euros. Their workforces are in the four-digit range. Another thing they have in common: they have all been victims of hacker attacks.
If companies like these, with enough resources for extensive in-house IT, are not safe from hackers, how high is the risk potential for SMEs? According to a Bitkom study, quite high. In 2020 and 2021, 88 percent of German companies were affected by hacker attacks (SMEs account for 99.5 percent of businesses in Germany).
Small and medium-sized enterprises often do not have the capacity to build up their own cyber security expertise because the IT department is already busy with everyday tasks.
Despite this starting position, one should not despair. Companies do not have to deal with hacking problems alone. Just as a homeowner doesn’t have to install an alarm system himself, companies can rely on external experts when it comes to cybersecurity.
Three Levels of Managed Security
Managed security service providers (MSSPs) are experts who take care of the cyber security of other companies. They are aware of current security vulnerabilities and know how to close them. They also keep systems up to date and check their status.
These service providers put together individual security packages. Companies are free to decide what they want to give away and what they want to keep:
In the simplest variant, a company obtains operating support for the security systems. MSSP supplies the components implement them, and helps get them up and running. Maintenance and repair for the solutions may also be included. In “day-to-day operations,” however, the client takes care of the security system itself.
The service provider can take over the tasks as a managed service. In this case, the security systems remain in the company, but the service provider takes over all or part of their operation via remote access. However, the company retains physical control over the application. It must therefore continue to ensure that the infrastructure for the security system functions.
Here, the MSSP operates the security systems completely. All services are provided and managed via the cloud. Here, the service provider is responsible for continuous operation and the digital infrastructure.
Customers can further customize the three models depending on the provider. Here are some examples of possible module components:
- Automatic security scans of the systems
- Maintenance of the security infrastructure: applying updates and patches, backing up the configuration
- Verification and renewal of certificates and maintenance contracts
- Documentation of all changes to the security infrastructure
- Support for data protection and compliance regulations
- Vulnerability management with alerting in the event of impending security vulnerabilities or warnings from manufacturers and other bodies (associations or government institutions)
- Creation of monthly monitoring reports
The response time of the service provider is agreed in the service level agreement (SLA). For some companies, it is sufficient if the MSSP can respond to problems on weekdays during normal working hours. For other companies, round-the-clock support is important.
Managed Security Does Not Have to Be Expensive
The choices are vast. Since the threat potential for attacks can vary from case to case and some companies want to invest more or less, this modularity is necessary. But don’t let the variety of options intimidate you. Cyber security doesn’t have to be expensive. Simple packages are available for as little as a few hundred euros a month.
Trust Is Good, Control Is Better
Companies that plan to outsource their security to a service provider should inform themselves carefully. The basis of trust must be right. After all, you’re putting a lot of responsibility in someone else’s hands. The potential MSSP should be able to prove his experience and expertise.
Partnerships with manufacturers and customer references can provide clues to the expertise of a service provider. You can also start with small projects first and use them to assess what the MSSP can do. Ideally, a security partner should offer the most flexible service level agreements possible and be responsive to customer needs.
At Axians, we have found that customers want to know exactly what we can do. Awards and references alone do not necessarily help. We often have to prove what we can do in a smaller support project before a real managed services contract is signed.
After the kick-off meeting, the MSSP should analyze the customer’s systems, install updates if necessary, and adjust the configuration. In an emergency, it is helpful to have a direct contact person at the provider. After all, if there’s a fire, who has time to be connected from pillar to post or to be stuck forever on hold on a hotline?
Professionals Take the Pressure Off the Workforce
Managed Security Services provide companies with flexible and individual support for the entire cyber security range. The company’s own IT department is relieved and can better deal with internal requests. In addition, the MSSP gives them access to expert knowledge and experience that they would have to spend a long time and money building up in-house.