CenturyLink commissioned new research with International Data Group (IDG) to
help customers identify where they can receive the most value in
working with a service provider. The data finds organizations reported
an average 32% reduction in threat responder workload when they deployed
a managed security information and event management (SIEM) solution.
The research shows security leaders are turning to managed security
services to help augment limited internal resources and bridge the
security technology gap.
"Security
is an inherent ingredient in networking today; however, limited
resources and budget constraints make it difficult for companies to
develop with their own staff," says Chris Betz,
chief security officer at CenturyLink. "To better understand insights
and to prioritize incident response, you need to consider third-party
solutions and leverage an integrated security strategy from the start."
The most significant improvements for third-party managed network security technologies on average included:
- A reduction in false positives - up to 50%
- Faster response times - up to 49%
- A reduction in dwell time - up to 39%
- An increase in system availability - up to 46%
Other key findings:
- Enterprises
that deploy integrated, third-party managed threat intelligence, SIEM,
cloud-based DDoS mitigation and firewall platforms have recorded notable
security improvements:
- Threat Intelligence: 45% to 49% faster response time to remediate threats
- SIEM: 35% to 40% faster time to uncover active threats and potential Indicators of Compromise (IoCs)
- Cloud-based DDoS: 50% to 53% faster time to understand and investigate disruption
- Firewalls: 50% to 53% faster notification for high-priority firewall events
- Over
the next three years, respondents expect that automated threat
detection and remediation will improve their organizations' security
posture. Specifically, they anticipate reducing the burden on IT, better
meeting security outcomes, and gaining business efficiencies. One
respondent noted that security control automation "will help
significantly reduce the time and manpower needed to improve our risk
management".
- According
to the survey, 97% of respondents realized improvements with
third-party managed firewalls, most notably in terms of the ability to
free up resources to focus expertise elsewhere (54%) and a better
security posture (42%).
- After
implementing third-party cloud-based DDoS mitigation, 97% of IT
security leaders reported improvements in areas such as system
availability, incident response time, and reduced downtime.
- The
explosion of data at the network edge combined with growing bandwidth
requirements places tremendous pressure on networks. To help overcome
data overload, manually intensive processes, and limited expertise,
companies are shifting their SIEM management to third parties. Among
those using such services, 96% report across-the-board business outcome
improvements including 39% reduction of dwell time, 38% improved
efficiency for incident response and the 34% reduction in average time
to detect.
For companies evaluating managed security services, there are three things to consider: http://origin-qps.onstreammedia.com/origin/multivu_archive/MNR/Betz_IDG_Final.mp4
- Does it improve security posture? If
this is an area where your company already does security well, you
should double down on your expertise. Otherwise, rely on a third party
with an in-depth focus.
- Does it reduce friction? If
security is making employees' jobs harder, they will find a way to go
around it. A managed solution needs to reduce day-to-day friction.
- Does it decrease costs? Security
teams must demonstrate the value they bring to the company. With
limited funds, investment in security controls must be balanced with the
need to run the business.