The alternative is for enterprises to outsource the management and monitoring of their network security to an MSSP. An MSSP can combine advanced technology with expert human analysis, enabling an enterprise to cost-effectively strengthen its security posture. An MSSP can also provide a level of technology and expertise that ensures rapid response to real threats.
Specifically, a capable MSSP must employ advanced data mining and security event correlation capabilities to enable it to accurately correlate, analyze, and interpret large volumes of network security data in real time. In general, an MSSPs services include timely phone and email access to security monitoring staff and Web access to reports on such things as device status, change requests, and service level performance. Perhaps most importantly, these services enable enterprises to focus resources on their core, everyday business issues.
The stakes are certainly rising. In its recently issued predictions for 2004, Gartner said enterprises will choose service providers based not on the providers ability to recognize intrusions and alert the enterprise, but rather on its ability to recognize critical vulnerabilities and to block attempts to exploit these vulnerabilities. Gartner expects demand for managed security services to increase at a compound annual growth rate of nearly 31 percent through 2005, and predicts that all major managed security service providers must offer external and internal vulnerability scanning and threat assessment as integral components of their device management services if they are to be serious contenders in the MSSP market. (That will be particularly relevant given enterprises efforts to comply with auditor requirements stemming from legislation such as the Sarbanes-Oxley Act.)
The conclusion is unavoidable: any notion that security is a matter of simply protecting the network perimeter is hopelessly out of date. Why? Because increasingly, enterprises are recognizing the importance of "defense in depth." This involves a comprehensive approach to securing critical assets, networks, and information systems while implementing robust defenses against hackers, viruses, and other online threats. Defense in depth recognizes that todays environment is one increasingly beset by so-called blended threats that dynamically target the vulnerabilities of isolated security products. As a result, companies must adopt a deep, integrated strategy that addresses security at all tiers: gateway, server, and client. It is precisely this kind of strategy that an MSSP can help enterprises execute.