Solution for cybersecurity staff shortage
Amidst increasing incidents of cybercrime, many employers are looking to expand their cybersecurity teams this year to better protect their systems against threats. In the healthcare industry, employers plan to expand staff by 20% or more, according to the (ISC)2 Global Information Security Workforce Study (GISWS).
However, such expansion plans may not push through given the serious shortage of cybersecurity professionals. The same report projects that the cybersecurity workforce gap is on pace to hit 1.8 million by 2022. Some experts say the "security-as-a-service" concept, offered by Managed Security Service Providers (MSSPs), may be an effective solution to address the cybersecurity talent shortage.
Healthcare organisations are increasingly being targeted by cyberattacks due to the nature of the data they process and possess. Their systems hold a treasure trove of customer and patient information that can be used for identity theft, blackmail or sold on the Dark Web – social security numbers, credit card information, sensitive and personal healthcare information. Unfortunately, many healthcare organisations simply don’t have the resources to manage the constant threats and vulnerabilities that pose risk to their customers and patients.
Experts say a good MSSP can handle most, if not all, of the security tasks in your organisation. Whether it’s actively probing internal networks or scouring intelligence reports and external data sources via hunt teams, MSSPs help organisations stay ahead of emerging threat activity. Moreover, MSSPs can also assist organisations in preventing and recovering from ransomware attacks. A good MSSP therefore can be more cost-effective than hiring a team to manage your security programme, according to the experts.
The search for the right MSSP can be difficult, but if done right, should not be as challenging as finding, onboarding and keeping cybersecurity professionals. For provider organisations, choosing the right MSSP can take some of the burden off their plate, allowing them to focus on providing quality healthcare services to their patients.
Here are some things to look for when choosing an MSSP:
- Define your business needs. Is there a particular service you need? Do you need an MSSP to manage your system vulnerabilities? Put together a list of must-haves and desires, and prioritise from there. If you don’t know what you need, a good MSSP should be able to perform an initial assessment and give you some recommendations.
- Can the MSSP attract and retain talent? Make sure your MSSP has qualified staff on board plus a proven method of attracting and retaining cybersecurity professionals.
- Is the MSSP customer focused? Your service provider should be familiar with your business. Does the MSSP have an established healthcare client base and/or employ staff with significant experience in the healthcare field? Currently, there are only a few mega-sized MSSPs that can handle several large customers at once spanning multiple verticals and sizes, and even then, they may be too big to give you that personal, responsive touch.
- Does the MSSP have proven expertise? Be wary of MSSPs that claim they can do it all but can’t back it up with proven past performance. Ask for examples of organisations they have protected. Do they have experience in building security teams and performing the types of services you need?
Source: Infosecurity Magazine
Image Credit: Pixabay
Published on : Mon, 25 Sep 2017
Print as PDF