CenturyLink commissioned new research with International Data Group (IDG) to help customers identify where they can receive the most value in working with a service provider.  The data finds organizations reported an average 32% reduction in threat responder workload when they deployed a managed security information and event management (SIEM) solution. The research shows security leaders are turning to managed security services to help augment limited internal resources and bridge the security technology gap.  

"Security is an inherent ingredient in networking today; however, limited resources and budget constraints make it difficult for companies to develop with their own staff," says Chris Betz, chief security officer at CenturyLink. "To better understand insights and to prioritize incident response, you need to consider third-party solutions and leverage an integrated security strategy from the start."

The most significant improvements for third-party managed network security technologies on average included:

• A reduction in false positives - up to 50%
• Faster response times - up to 49%
• A reduction in dwell time - up to 39%
• An increase in system availability - up to 46%

Other key findings:

• Enterprises that deploy integrated, third-party managed threat intelligence, SIEM, cloud-based DDoS mitigation and firewall platforms have recorded notable security improvements:
• Threat Intelligence: 45% to 49% faster response time to remediate threats
• SIEM: 35% to 40% faster time to uncover active threats and potential Indicators of Compromise (IoCs)
• Cloud-based DDoS: 50% to 53% faster time to understand and investigate disruption
• Firewalls: 50% to 53% faster notification for high-priority firewall events
• Over the next three years, respondents expect that automated threat detection and remediation will improve their organizations' security posture. Specifically, they anticipate reducing the burden on IT, better meeting security outcomes, and gaining business efficiencies. One respondent noted that security control automation "will help significantly reduce the time and manpower needed to improve our risk management".
• According to the survey, 97% of respondents realized improvements with third-party managed firewalls, most notably in terms of the ability to free up resources to focus expertise elsewhere (54%) and a better security posture (42%).
• After implementing third-party cloud-based DDoS mitigation, 97% of IT security leaders reported improvements in areas such as system availability, incident response time, and reduced downtime.
• The explosion of data at the network edge combined with growing bandwidth requirements places tremendous pressure on networks. To help overcome data overload, manually intensive processes, and limited expertise, companies are shifting their SIEM management to third parties. Among those using such services, 96% report across-the-board business outcome improvements including 39% reduction of dwell time, 38% improved efficiency for incident response and the 34% reduction in average time to detect.

For companies evaluating managed security services, there are three things to consider: http://origin-qps.onstreammedia.com/origin/multivu_archive/MNR/Betz_IDG_Final.mp4

1. Does it improve security posture? If this is an area where your company already does security well, you should double down on your expertise. Otherwise, rely on a third party with an in-depth focus.
2. Does it reduce friction? If security is making employees' jobs harder, they will find a way to go around it. A managed solution needs to reduce day-to-day friction.
3. Does it decrease costs? Security teams must demonstrate the value they bring to the company. With limited funds, investment in security controls must be balanced with the need to run the business.