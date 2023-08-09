The company that fails to internalize cybersecurity decides for MSSP, whose skills range from IT to OT and IoT technologies. Marco Bavazzano, CEO of Axitea, explains why choosing it and the benefits and advantages for SMEs.

The cybersecurity scenario is increasingly complex and articulated. On the one hand there are criminal organizations that have embraced the logic of business and they invest on the most advanced offensive technologies to hit their targets. On the other hand, there are organizations of all sizes called upon to operate in an increasingly digital and interconnected world, which effectively extends the potential attack surfaces and multiplies the opportunities available to those who intend to exploit technology maliciously.

MSSP: Threat awareness has also grown in SMBs

If historically it was up to the more structured companies to play the role of potential victim, now even small and medium-sized companies cannot fail to consider cyber security a priority. In this sense, the Clusit data speak for themselves, 26% of Italian SMEs, one in four, suffered cyber-attacks in 2022. Awareness of threats and the problem is growing, as are dedicated resources and investments , as noted by the Digital Innovation Observatory of the Milan Polytechnic. For 2023, 52% of SMEs have allocated budgets for cybersecurity interventions: on average, 4,800 euros are spent for each company, for a total of 470 million euros.

The investments of criminal groups

These are growing numbers compared to the past. But insufficient to deal with increasingly insidious and advanced threats, studied by criminal groups often organized as real companies, capable of investing significant sums in research. All this without considering the shortage of skills specialized, typical of small structures. These very rarely have the internal skills necessary to deal with this cybercriminal scenario. Not having adequate resources to internalize IT protection (professional figures specialized in cybersecurity, as well as investments in expensive solutions), many companies decide to outsource IT security.

Look outside for IT expertise

For this reason, the model of the MSSP, i.e. the IT security service provider that offers managed solutions for the protection of data and infrastructure, is becoming more and more popular. The skills of an MSSP can range from traditional IT to OT and IoT technologies, fundamental elements especially when it comes to manufacturing companies.

MSSP: benefits and advantages

But why choose an MSSP, and what benefits can this decision bring to a small or medium-sized company? The advantages of a choice of this type are many:

First of all, specialization. An MSSP has its core business in the provision of managed security services, which it makes available to customers. Which, in turn, must not take away important resources from their reference market. The breadth of the technological offer. In other words, the possibility of accessing the most suitable technological solutions for the protection of the IT systems of client companies. The constant updating of the systems and of the offer. In the extremely dynamic panorama of cybersecurity, this would require client companies to make an effort – economic and organizational – that is difficult to sustain.

A more personalized approach

Access to the most advanced certifications from different security vendors. They attest to both the expertise of dedicated teams and the availability of the most advanced technologies; The flexibility of a personalized approach. This makes the necessary tools available to the customer in the most appropriate manner for specific needs. All without the classic rigidity of traditional technological solutions. The possibility of offering constant monitoring of the client company’s IT infrastructure (networks, servers, endpoints). This allows you to highlight any anomalies and possible attacks in real time. The ability to respond promptly in the event of an attack, managing incidents and mitigating possible effects on business activity. The ability to reconstruct the causes that generated a possible attack. And this both to provide the right information to internal and external stakeholders, and to adopt the most appropriate protection countermeasures and prevent similar attacks from happening again in the future.

A 24/7 active SOC is essential

All this is combined with a sustainable cost structure, based on the model of the service provided in managed mode. Model that requires neither the purchase of technological solutions nor the need to hire dedicated (and expensive) professional figures such as cybersecurity experts in the company. In all of this, the presence of a Security Operation Center active 24/7, 365 days a year, with IT analysts who monitor the security of the customers’ IT systems, is essential. The SOC must exploit the possibilities given by advanced technologies. For example Artificial Intelligence and Machine Learning for automate processes and be increasingly efficient, thus optimizing the investments made, both by the MSSP and by the client company.

The managed services mode allows customers to maintain their own network, systems and endpoints, ensure them constant monitoring. By delegating control to those who on these platforms, specific solutions, niche or in any case with basic or advanced features, have developed specific skills. Skills that are made available to a large number of customers at the same timewith a scale of costs that thus becomes accessible even to small and medium-sized companies.

