“My sense is that it's the functions that cannot be easily commoditized are staying in-house. For example ICS/SCADA and bio-medical security are very specialized that many folks would be uncomfortable outsourcing,” Fisher says. “But identity and access management is something that can likely be passed to a qualified partner. That line of what's commodity and what isn't is changing and dynamic so it's going to be challenging to make good decisions over the next couple of refresh cycles as a CISO,” advises Fisher.
A focus on threat intelligence and data sharing
Threat intelligence, data and information sharing came in big this year. Fifty-one percent of survey respondents say they use security data analytics to model cybersecurity threats and spot attacks underway. That thirst for data is another reason why enterprises are turning to cloud and outsourcing. Within those respondents that rely on managed security services, 55 percent say they rely on their providers for security monitoring and data analytics. And another benefit of these providers is their access to security operations and threat intelligence fusion centers.
Michael Echols, executive director and CEO at the International Association of Certified ISAOs (Information Sharing and Analysis Organizations), and former director at the cyber joint program management office at the U.S. Department of Homeland Security, believes enterprises are also increasingly warming up to the idea of cybersecurity information sharing. “There’s an opportunity to essentially share costs [from organizational data sharing]. With data sharing, you now have the advantage of the expertise that maybe one of your sharing partners has, or if there's someone in your particular community of interests, or region, or industry; if something is happening to them, it potentially is going to happen to you. You now have valuable threat intelligence,” says Echols.
There’s no doubt about that, and considering the acceleration of technological innovation that enterprises are adopting, and the determination and persistence of today’s attackers – CISOs need every edge they can find.
Sign up for CIO Asia eNewsletters.