Alert Logic this week announced it is adding a managed threat management service based on compute resources running on the Amazon Web Services (AWS) public cloud.
Chris Noell, senior vice president of engineering for Alert Logic, said given the chronic shortage of cybersecurity professionals, more organizations are looking to managed service providers (MSPs) such as Alert Logic to augment their cybersecurity defenses.
Recent Articles By AuthorJuniper Networks: Cryptomining Exploit Targeting Docker Containers Convergence of Security, Networking Services Accelerates ForeSight Acquires SecurityMatters for IoT Security
But rather than relying on legacy relational database technology to build a security information on event management (SIEM) database to process those alerts, the SIEMless Threat Management service from Alert Logic makes use of big data analytics and search tools on AWS. The goal is to eliminate the need for an on-premises SIEM platform that might not be able to handle the amount of data that today needs to be regularly processed and analyzed.
The threats themselves are ranked using an Alert Logic Threat Risk Index, which combines both industry-standard vulnerability severity data and proprietary insights from Alert Logic. That approach eliminates the need for IT organizations to configure security agents, manage data feeds and wade through security alerts on their own. Alert Logic provides the cybersecurity staff, which will prioritize alerts based on how lethal a threat is and to eliminate any new vulnerabilities the threat could exploit, Noell said.
That service is connected to the Alert Logic’s security operations center (SOC), which is used to manage cybersecurity on behalf of more than 4,000 customers. Those services span three different levels starting at $550 per month for up to 256 nodes. At that price point, Noell noted customers are spending less to employ a managed service than they would to hire a full-time cybersecurity employee.
In fact, lower costs coupled with a lack of available cybersecurity expertise is one of the primary reasons International Data Corp. (IDC) is forecasting managed security services will be the fastest growing cybersecurity sector for the next five years. IDC says managed security services are now the fastest growing segment of the IT security sector , with a compound annual growth rate of 14.7 percent expected through 2021. Gartner similarly estimates that by 2020, managed and subscription-based security services will account for half the revenue generated in the cybersecurity category .
The level of reliance of managed security services providers (MSSPs) will vary widely by organization. But Noell said relying on MSSPs is increasingly the only option that makes economic sense for midmarket IT organizations. Most organizations these days are expanding their use of IT into the realms of cloud computing, mobile devices and, increasingly, the internet of things (IoT). As that expansion continues, the attack surface that needs to be defended becomes that much wider. Most midmarket organizations don’t or won’t have the cybersecurity resources or expertise required to keep pace with that expansion.
Of course, there’s no shortage of MSSPs these days. The challenge going forward is weaving together a cybersecurity strategy that combines the best of what internal IT teams and external service providers have to offer.