The future of cyber security

Cyber crime is a huge business today, so proper cyber security is essential. Purchasing it as a service offers enormous benefits to organisations large and small.

Johannesburg, 09 Sep 2022
Pieter Nel, Regional Head: SADC, Sophos.
Pieter Nel, Regional Head: SADC, Sophos.

While it is clear that digital transformation has opened up fantastic new business opportunities, it has, at the same time, created a wide variety of new attack vectors for cyber criminals.

Cyber crime today is such a massive business in the current electronic world that a number of top security players have suggested that these criminals far outnumber the security experts working to counter them.

This is why we have seen an exponential rise in the organised syndicates of criminals that are actively working to break into companies and steal their information – be this intellectual property, customer databases or financial records.

With this in mind, explains Pieter Nel, Regional Head: SADC at Sophos, we must expect cyber security to continue to grow in importance as we move forward. After all, the rise of ransomware brokers and the continuing security talent shortage means the defenders working on behalf of an organisation increasingly need their security technology to be managed on their behalf.

“This approach is known as cyber security as a service (CSaaS), an outsourced model of cyber security management. With CSaaS, instead of handling security in-house, where the company may struggle with limited resources and expertise, it now becomes possible to outsource it to a third-party vendor, utilising a pay-as-you-go approach,” he says.

“An effective CSaaS solution will allow the customer to manage all their security products from a single platform. Further, by leveraging artificial intelligence (AI) to analyse the information generated by these solutions, it becomes possible to obtain meaningful and actionable data to boost your security posture.”

Nel notes that a key challenge with digitisation is that implementing effective cyber security is becoming increasingly difficult and complex, particularly as there is such a shortage of security skills.

“This is why we recommend they seek out a trusted partner that can deliver security as a service, as this will have the twofold benefit of providing access to relevant expertise and allowing its own employees to focus on their core areas of business.

“There are, of course, numerous other benefits to adopting a CSaaS approach. For one, the business should gain in terms of long-term savings. CSaaS eliminates the often costly overhead expenses related to assembling an in-house team and acquiring hardware and software.”

He suggests that investing in in-house cyber security is both a costly and ongoing effort, as one must consider the need to hire or retrain team members with specific skills. The latter is especially problematic for small and medium enterprises (SMEs) as this can prove expensive, and is thus also the reason that more than two in five cyber attacks target SMEs.

“Adopting CSaaS simply makes sense, as it gives a business – whether large or small – direct access to experts whose entire focus is on cyber security and the myriad challenges created by the digital era,” he says.

“I also can’t stress enough that skilled security resources are scarce, as demand for such professionals has grown exponentially in recent years. This means that building a team of experts in-house can be a big ask, even if your company has access to the necessary resources.”

Of course, adds Nel, the other beneficial aspect of the CSaaS model is its inherent flexibility. Because it is an as a service model, your business can scale up or down as required, so there is no over- or under-investment in security features.

“When it comes to running a successful business, cyber security is definitely the one area where you simply cannot afford to cut corners – investing in cyber security is not a nice-to-have, it’s an absolute necessity.

“Therefore, it seems to be an obvious choice to go with CSaaS, as you will eliminate complexity, improve security via expertise on-demand and, of course, you will save money while doing so,” he concludes.