There's a lot stacked against security teams working hard to keep their organizations safe. Notably, business-technology environments are growing in complexity, such as those brought on by digital transformation, including increased data, endpoints, regulatory demands, and more determined threat actors. Finding and keeping the skills necessary to run an effective cybersecurity program is also challenging.
Another challenge security teams face is consolidating the number of security vendors they must manage. The typical midsized organization may have 60 security tools, while enterprises can have over 100.
"Many organizations have too many security tools in use, and whether they are getting value from them all is debatable," says Michael Farnum, advisory CISO at technology services provider Trace3. Farnum stressed, when it comes to security tooling, less can often be more if it means increased focus on the security work that matters in reducing the most risk.
It's not just security teams taking measures to consolidate or get more done with existing tools. Collaboration among cybersecurity vendors also consolidates capabilities. Such collaboration is essential for finding cybersecurity intelligence, information sharing across industries, and improving security defenses.
The Sophos and Tenable partnership, specifically to launch the new Sophos Managed Risk service, highlights several key trends that will shape the future of cybersecurity:
Increased focus on attack surface management
The Sophos and Tenable partnership aims to help organizations attain a more comprehensive view of their externally facing attack surface and make the identified exposures more manageable. The current digital transformation trends put more data to use, and the need to amplify existing security staff capabilities will continue to drive demand for external attack surface management, threat intelligence, and incident response services.
The collision of vulnerability management and threat intelligence
The collaboration reveals organizations' demands for more actionable intelligence and vulnerability information. Today, it's not enough to know that certain threat actors employ specific attack techniques or that software is at risk due to vulnerabilities. When securing organizations, these data points must be unified by their context and actual level of risk created. This is the only way organizations can know what vulnerabilities attackers are actively targeting within their organization. Unifying threat intelligence and vulnerability management will help organizations more proactively spot vulnerabilities, provide a more comprehensive understanding of the risks in their environment, and even decrease response times to exploited vulnerabilities.
Focus on risk-based prioritization
Perhaps, most importantly, through more intelligence, data, and machine learning, the security industry will help organizations prioritize remediation based on real-world risk. By using analytics that vets such data points as the vulnerability's severity and the asset's business criticality, with threat intelligence, organizations can make much more risk-oriented decisions than can be made by CVSS scores alone. "If we can get ahead of the attackers by encouraging organizations to patch and to remediate those risks up front, they will be less susceptible to many threats out there," says Murray.
As more industry partnerships evolve, organizations can expect more vendors to partner and share information that can be vetted to reduce risk and improve everything from identity and access management to incident response.
Managed Security Services for vulnerability management
Due to the many challenges cited previously, more enterprises will turn to managed services to help them close the security gap from where they are with their cybersecurity efforts today to where they need to be. Offering Sophos Managed Risk as a fully managed service shows the growing demand for outsourced cybersecurity capabilities.
In the future, organizations will continue to seek more outsourced cybersecurity services to keep their costs down, improve their access to skilled cybersecurity workers, and focus more on the success of their business. Consider a report from Mordor Intelligence, which expects the managed security services market to be $35 trillion this year and reach $62 trillion by 2029.
Continuous Monitoring and Proactive Response
More organizations are conducting continuous security assessments. Driven by fast-evolving business-technology environments, regulatory mandates, and increased attacks, continuous assessments help organizations proactively identify and mitigate security exposures. Manual assessments don't always get done promptly; manual risk determinations are error-prone.
Because the overall threat and risk landscape is growing more complex and the attack surface is expanding, more security vendors will offer continuous monitoring capabilities. It's the way organizations will be able to make the best timely and informed risk decisions. Continuous monitoring includes everything from developer environments, networks, applications, user behaviors, software inventories, to third-party partner environments.
