Johannesburg, 02 Mar 2020
Dimension Data's security managing executive Tony Walt says individuals who still see the Middle East and Africa as one homogenous territory, which can be addressed by a single, static solution, are likely to be challenged when it comes to the applicability and operational efficiency relating to managed security services.
Walt adds one needs to acknowledge that there is a high probability they will be working across a region that includes 70 very different individual countries, each with their own cultures, languages, traditions, challenges, rules and regulations, and a diverse level of ICT-related infrastructure.
And this is why the development of managed security services must be provided in context, specifically in the context of the country in which your organisation operates.
What to look for in a cyber security partner
Fortunately, the cyber security industry isn’t new; several industry leaders have been working hard to protect their clients for decades, who offer almost the same services as each other. "As the threat landscape continues to evolve, however, it’s becoming more important to assess your needs holistically and find a partner who can co-create, co-innovate and co-implement with you to ensure you have the most appropriate solution that speaks to your organisation’s business continuity as a whole, and takes into account the nuances as a result of the different countries they are domiciled in."
According to Walt, organisations need to look for a partner that can offer local development capabilities, a large global footprint, the ability to leverage the assets, knowledge and skill set of a larger group, the desire to co-develop and co-solve with you and the attainment of cost efficiencies.
What is important to you?
Based on NTT’s research, the Middle East and Africa (MEA) is in the initial stages of cyber-maturity; however, the region’s ambitions to aggressively increase their maturity are among the highest globally. To achieve these ambitions, MEA-based organisations need to take a more comprehensive stance on security.
Companies need to implement a managed solution that not only contemplates cyber security risks, but can carefully consider and manage the governance, risk and compliance aspects of the broader business.
If the organisation experiences a major incident, be it cyber-related, fire or flood, or even unrest, one needs to know that there is a comprehensive business continuity strategy and a disaster recovery strategy in place that will ensure minimal downtime and disruption.
While such disruption could result in massive losses for an organisation, increasing the expectation from a governance, risk and compliance perspective is to invoke a disaster recovery plan (DR), where one can physically relocate the bulk of the most critical team members to a new, secure operating environment, and have minimal business resumption in a matter of hours. Reality is that physical work area recovery (WAR) is increasingly becoming a necessity as opposed to a luxury.
And the managed security service provider (MSSP) should ideally be able to extend its capabilities to provide full business continuity, not just cyber related risk mitigation strategies.
"Choose a local MSSP that is part of a larger group; they will have greater insight into the threat landscape. There is a lot of value to be derived from being part of a very large, managed service provider. From a security perspective, they will have a broader sight of the attack vectors that threaten the ICT landscape. The larger the organisation, the more oversight they have because they are covering more logs and attack vectors."
The ability to understand the potential threats from billions of logs is more valuable than insights from millions. Having the platforms and tools to handle the mass of information and distinguish between critical and non-critical logs is imperative.
It’s important to understand — both as an MSSP and as a client — that local in South Africa is very different to local in Kenya, or local in Saudi Arabia, or the United Arab Emirates. Local infrastructure plays a huge role in deciding how to develop the best possible solutions for an organisation. "When solutions are built for organisations in emerging countries, developers need to ensure they account for the inherent infrastructural instability in the specific location and plan accordingly.
"It is therefore imperative to use a provider that has access to these local insights and is focused on building those skillsets locally rather than just exclusively offshoring them."
Does your provider focus on developing the right local skills?
People working in this business need to understand it is their daily job to defend their clients from attacks, and they need have a clear understanding that they are the first, second and third line of defence.
They need to be on the look-out, hunting for possible threats all the time. It takes a particular psyche to be able to work in defence mode all the time. This kind of culture is not something you can typically develop in a shared operations environment; it needs to be in a dedicated security environment.
Can your MSSP customise solutions for you? Further to this, while some companies might prefer to use an internationally based MSSP, it’s not always possible from a regulatory perspective. "What we’re seeing a lot of in emerging markets is that there are a host of smaller organisations for whom such large-scale solutions just aren’t appropriate, and there is a need for greater customisation of solutions.
Choose an MSSP that can adjust their solutions to work more appropriately for your business environment. That willingness to co-develop specific solutions for clients in various countries is what can set an MSSP apart."
At the end of the day, the ideal MSSP should be willing to partner with you, be open to investing in your business, and you should have absolute trust in their abilities.
Managed security services is but one element of the broader governance, risk and compliance requirements. A partner that can fulfil the broader organisational resilience requirements is increasingly imperative.
Share