Managed services augment cybersecurity as imminent risks draw closer during COVID-19

Protecting the IT landscape in a borderless world
Image: Simeon Tassev, QSA and MD at Galix

According to a Mimecast analysis of the first 100 days of the pandemic, cybercriminal activity increased. Between January and March, spam and opportunistic detections rose by at least 26 percent, impersonation was up over 30 percent, malware by over 35 percent and the blocking of URL clicks rose nearly 56 percent.

Across all detection categories, volumes increased 33 percent. Online criminals are at least a third more active since the pandemic started and remote working has become the achilles heel of the business.

For years, companies have fine-tuned their security systems that include policies and resources calibrated for the internal workplace. Even though those systems can provide remote access, nobody anticipated that everyone in the company would work remotely, and need to do so quickly. This created a need for managed security services to bolster the organisations cyber security –as fast as possible.

 Going remote is straining IT and security

You cannot just flip a switch and enable a comprehensive and secure remote-working environment. Instead, you need to revisit policies and strategies to ‘tighten’ them up, and conversely, relax some of them to ensure people can log in. This drop in capability has been attracting criminals. We know for a fact that a majority of incidents in the past have been triggered from known vulnerabilities and unpatched machines. All those loopholes are now potentially creeping in and the bad guys are ready to strike. It’s as simple as that.

Exacerbating the issue is the fact that IT and security resources are more strained than ever before. They have many plates spinning at the moment and security demands threaten to bring those crashing down. This is why now is the perfect time to weigh managed security service options. A managed security service provides both the people and the infrastructure to create and maintain dynamic security. Unlike an outsource arrangement, managed services focus on critical and even core systems, closely aligned with the customer’s strategy and business requirements.

Managed security services frees the business, including its IT professionals, to focus on  operational aspects of the organisation, without having to worry about an area that they don’t necessarily specialise in. This logic made healthy sense prior to COVID-19, and the current crunch on company resources has elevated its benefits even more.

Improving your internal capacity with external partners

Even if a company has a strong internal capacity, it’s nonetheless under tremendous pressure. As I noted earlier, the rules have changed. Companies have gone from a mass of internal users with a few remote logins to practically everyone working from the outside in. Managed security services can help manage that transition, giving the company space to evolve its policies and resources.

Managed security services are not off-the-shelf solutions. Its benefits come from four areas: specialisation in security best practice and intelligence, pooling of top skills, control and management of security infrastructure, and a generous capability to scale. A good service provider will align these elements to what a customer environment needs. The customer gets peace of mind without giving up strategic control.

It also results in savings. Under the guidance and expertise of managed security services, a customer spends money for the right things and achieves as much as possible, rather than just going in without knowing where to start or without understanding necessarily the risks.

COVID-19’s many disruptions has been a shot in the arm for cybercriminals. One silver lining is that these changes have also created much more awareness around security. The next step is to act, and with the help of a reliable and experienced managed security service provider, we can stay ahead of the bad guys.

By Simeon Tassev, Managing Director and Qualified Security Assessor at Galix. The views expressed in this article do not reflect the views of Tech Metro Africa