Menu

Three reasons to consider Managed Security Services

Wednesday 21 September 2016

Author: Shannon Simpson, CEO, CNS Group – an independent, UK based cyber security consultancy. CNS Group are exhibiting at IP EXPO Europe 2016 alongside Telent on stand GG20.

CNS-and-Telent

1. Deliver on speed to value

If you ask an information security professional if cyber attackers are smarter than they are – the answer is no.  But if you ask the question about if they can they move faster – the answer is absolutely yes.  When an organisation needs to improve its security posture with a new technology, the evaluation, procurement, implementation and testing process adds considerable time before the business is able to action change. Meanwhile, an attacker can quickly use any new attack vectors increasingly cheaply. They are not constrained by corporate processes, making them vastly more agile and adaptable.

In an interview with Forrester, the manager of a newly built security operations centre confessed that it would take 18 months for their significant in-house investment to deliver any value to the business. This is typical and these delays can frustrate even the most focused and mature security operations teams, let alone senior stakeholders that have approved the investment.

Speed to value is just one of the reasons why an increasing number of UK organisations of all sizes are exploring Managed Security Services (MSS).  MSS is a sure way to increase the time to value of any cyber investment.  Organisations struggling to resource specific cyber initiatives can have new capabilities such as proactive and protective monitoring, security incident management and capable threat detection. These skills can help to combat threats and achieve commercial or government compliance levels, offering contextual cyber intelligence that gives direction to investment priorities and risk management decisions.

“We’ve been very pleased with the improvements that CNS Group has brought to Tower Hamlets.  The managed services have been excellent value for money. By taking advantage of the CNS services we have been able to enhance our responsiveness to compliance events and there is greater trust between ICT and our Security team,” 
IT Project Manager, London Borough of Tower Hamlets

2. Trusted cyber intelligence

Cyber intelligence – the ability to get ahead of attackers and respond in real-time to incidents is a capability that many organisations do not have the infrastructure, skills or resources to provide today.  Selecting and making sense of the right external threat feeds, aggregating and correlating security event log data, putting this data in context for your business and recommending the right actions, not only requires a specific skill set but to be effective it also needs a brutal 24/7/365 focus. 

Many organisations seek a MSS partner that will work as part of their team to minimise risk, maintain availability and drive efficiency across their IT infrastructure.  It’s important that the MSS providers they partner with invest in building knowledge and have relevant accreditations, so that customers have access to these skills without having to worry about how they find, maintain or retain them. It’s crucial as MSS providers that we maintain the Relevant Cyber Security accreditations that allow us to work across all manner of organisations and include the following; CLAS (CCP), Cloud Security Principles (Public Sector Network), PCI DSS, ISO27001, CHECK, Cyber Essentials Plus, GICSP and CISSP.

“Security is a very specialised discipline and we needed to be sure that the company we chose understood our requirements and was able to suggest relevant security options.  The fact that CNS could focus on our organisational needs and apply suitable solutions was crucial to the success of the project. We see the effective implementation of new technologies as critical to policing in the 21st century.” 
Head of ICT, North Wales Police

3. Continuous compliance – no longer a pipe dream

Whatever type or size of business you are, preparing and executing the growing number of industry or partner compliance audits is arduous and time consuming – often competing for resources with other business as usual tasks and projects. If organisations could not only eliminate this ad hoc resource drain but increase the confidence of partners, auditors and stakeholders and reduce the capital cost of continuous compliance – they  would be eager to find out how.

As a Managed Security Service provider, we can offer a continuous compliance monitoring service and link with industry regulators to offer best practice guidance and practical advice for customers.  Help is provided to establish a compliance base line and agree the best way to monitor, manage and respond to event information in a specific compliance context.

These services not only maintain compliance standards – increasing confidence for businesses – but also provide empirical information which elevates the discussion around risk and future security priorities to board level. 

“We chose CNS for a number of reasons, primarily for the knowledge and experience the consultants bring, particularly of information security implementations. The consultants engage capably at all levels of the firm, particularly with the board and senior management.

They listen carefully to our needs, and bring insight framed in the language and culture of our own business, which is invaluable for stakeholder engagement. This approach has led to the on-going success of our programme, and we look forward to continuing this partnership for years to come."

Information Security Manager, Bird and Bird

 

A cyber security partner you can trust

CNS Group understands that strategically out tasking elements of cyber security requires trust.  Many UK organisations may have outsourced other elements of their business including HR, payroll and finance but have hesitated over security. Similarly, these business functions have repeatable processes that make sense to outsource so that internal resources can focus on delivering value to the business, cybersecurity is no different. 

As a government accredited company, we help UK organisations of all sizes build cybersecurity capabilities and maintain compliance through practical consulting and managed services ensure compliance and establish 24/7/365 cyber intelligence capability. It’s all we do and we are proud that our customers think we do it well.

 

“Why do I work with CNS? That’s simple, because I trust them. I trust them to listen to what I say I trust them to understand my needs and I trust them to deliver solutions appropriate to those needs. What more do you need from a solutions partner?” 
Global Head of Security, Michael Page International

Social Media

Twitter

Linkedin

IP EXPO | LinkedIn

The home of IP EXPO Event Series

Facebook