Skills gaps send CISOs in search of managed security providers

Collecting Cyber-News from over 60 sources

Security operations centers (SOCs)
Cloud platform management
SIEM and log monitoring
Framework-based cybersecurity management functions
Threat intelligence feeds and analysis
Vulnerability scanning and patch management
Endpoint detection and response (EDR)
Firewall and network security management
Compliance tracking and audit support

“MSPs already have the infrastructure and staff in place to deliver these services efficiently, and at scale,” Richard Tubb, who runs the MSP community at Tubblog, tells CSO. “That’s a huge win for CISOs who need fast results without building everything from scratch.”

Afshin Attari, director of public sector at IT consultancy Exponential-e, says CISOs can be confident that MSPs handle day-to-day security operations, freeing them up to focus more attention on strategy, architecture, and governance.

“Managed service providers bring deep expertise, 24/7 monitoring, and access to cutting-edge tools that would be prohibitively expensive to develop in-house,” Attari says. “Services like threat detection and response, network monitoring, vulnerability scanning, and penetration testing lend themselves well to outsourcing.”

Attari adds: “These functions require specialist knowledge and constant vigilance, both of which MSPs can offer at scale.”

Deciding which function to outsource to MSSPs comes down to a careful consideration of business goals, risk appetite, and regulatory requirements, but some things that shouldn’t be outsourced include security governance and strategy, risk ownership and accountability, executive reporting and board engagement, business-aligned decision-making, cyber awareness training, experts say.

“The CISO and their internal team should always retain control of the overall direction,” Tubb advises. “After all, MSPs can provide insight and execution, but only internal teams have the full business context.”

Tom Lovell, infrastructure and modern workplace principal consultant at Infinity Group, agrees: “Strategic oversight, risk assessment tailored to the business, and decision-making tied to regulatory compliance require intimate knowledge of the organization’s unique structure, processes, and risk tolerance, which external providers cannot replicate alone.”

Hybrid and co-managed security models

CISOs embracing the MSSP model need to develop a hybrid approach that finds the right balance between outsourcing functions and building in-house capability.

“CISOs can bridge critical skills gaps, maintain continuous protection with a shared hybrid approach, and create a more resilient security posture without overburdening stretched internal teams,” Exponential-e’s Attari suggests.

Steve Miller, manager of security engineering for EMEA at cybersecurity vendor BlueVoyant, tells CSO that many organizations are turning to co-managed security models.

“Unlike traditional managed services, which often involve outsourcing entire functions, co-managed approaches are designed to work alongside internal teams, augmenting their capabilities rather than replacing them,” Miller explains.

This model offers several advantages, according to Miller:

Knowledge transfer and upskilling: Internal teams benefit from working directly with external experts, accelerating their learning, and reducing long-term dependency.
Operational control: Organizations retain ownership of their security operations, ensuring alignment with internal policies and risk appetites.
Continuous optimization: Security tools are regularly reviewed and fine-tuned to adapt to evolving threats and business needs, thereby maximizing the organization’s return on investment.
Cost efficiency: Co-managed services can help organizations maximize existing investments, particularly in complex platforms where optimal ingestion patterns get the most out of licensing and minimize costs.

Jordan Schroeder, managing CISO at cybersecurity services provider Barrier Networks, says the best functions to consider outsourcing are those whose “process is mature and well-defined, with clear outcomes and responsibilities.” But a co-managed approach can still provide benefits elsewhere.

“For organizations with immature or ad hoc cybersecurity functions, outsourcing can accelerate the development of necessary definition and maturity, provided the MSP understands that their role includes guiding organizational development,” Schroeder advises.

Daryl Flack, cybersecurity expert and partner at managed security services provider Avella Security, argues that turning to MSSPs to outsource some security functions can be a good option for larger enterprises, not just SMEs.

“Organizations of all sizes are grappling with the challenge of recruiting and retaining specialized technical expertise, deploying advanced security tools, and maintaining the certifications and accreditations essential for regulatory compliance, third-party contracts, and a robust security posture,” Flack says.

Flack adds: “By partnering with MSSPs, CISOs gain access to a deep bench of highly skilled professionals and leading-edge technology. This approach empowers organizations to mitigate the risks associated with limited in-house resources.”

See also:

6 risk factors to know when hiring an MSSP
Is your MSP an insider threat?
Top 12 managed detection and response solutions

First seen on csoonline.com

Jump to article: www.csoonline.com/article/4016339/skills-gaps-send-cisos-in-search-of-managed-security-providers.html
