There is no way of ignoring three main trends in the field of cyber-security.
- Managed Security Service Providers (MSSPs) - The know-how of what are the right security needs is something you can't always find in a typical SME or SMB. Just like most of the things that require a high level of professionalism, a lot of companies choose to outsource these tasks to an external service provider. It's very common to find among MSSPs clients like hospitals with hundreds of employees, small chains of stores and local banks. This trend is here now, and it's been around for a while. It expected to vastly grow in the next few years.
- Cyber Consultants - Surprisingly (or not), Deloitte makes a growing amount of cash out of its cyber-security consulting division. The main difference between these services and MSSPs are that while MSSPs actually manage the day-to-day security operations of their customers, cyber consultants can do more on-premise work. From PCI and another compliance requirements to periodical penetration testing and security audits, the 'big 4' have the teams and the know-how.
- Cyber Insurers - As 'security-outsourcing' is on the rise, the uncertainty among the organizations that use it is growing. At the end of the day, when something bad happens the MSSPs or consultants know how to cover themselves to 'run' away from a real liability of critical security incidents. The businesses stay with the responsibility but without a real understanding whether what they are doing is right or wrong or what is the quality of the firm they chose. To fill this void of uncertainty we have the latest trend in cyber-security called cyber insurance. The direct outcome of this situation is a whole new market that is blooming, and it is starting right now.
Now let's map the needs for these three significant shifts.
MSSPs need visibility and control, cyber consultants need to create richer reports to offer a better mitigation, and cyber insurers need to continuously assess risks that are located inside an insured entity.
Vicarius is here to do ALL of the above
We are building a continuous and proactive risk assessment platform, and yes, we also provide on-the-spot mitigation and compliance reports.