• About
  • Subscribe
  • Contact
Thursday, May 8, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

Why security as a service makes business sense

Allan Tan by Allan Tan
December 23, 2021
Photo by Tima Miroshnichenko from Pexels: https://www.pexels.com/photo/close-up-view-of-system-hacking-5380642/

Photo by Tima Miroshnichenko from Pexels: https://www.pexels.com/photo/close-up-view-of-system-hacking-5380642/

Security consumed as a service is one of the themes for 2022, according to Gartner’s most recent prediction statements.

The analyst predicts that by 2024, 30% of enterprises will adopt cloud-delivered Secure Web Gateway (SWG), Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA) and Firewall As A Service (FWaaS) capabilities from the same vendor.

“Organizations are leaning into optimization and consolidation. Security leaders often manage dozens of tools, but they plan to consolidate to fewer than 10. SaaS will become a preferred delivery method, and consolidation will impact adoption timeframes for hardware,” continued the analyst.

David Ng

David Ng, Singapore country manager for Trend Micro, noted that the delivery of security solutions as a service allows companies to purchase security solutions easily. Deliver via the cloud, allows for rapid scaling, and easy integration into DevOps methodologies.

Security Operations Centre (SOC) is the team within an organization responsible for detecting, preventing, investigating, and responding to cyber threats. When delivered as a service (SOC-as-a-service), it allows teams to tap into analysts to resolve alerts, identify and analyse indicators of compromise and respond to attacks to minimize the impact of security incidents.

“Since 2019, we have witnessed a shift in the Managed Security Services (MSS) landscape, due to the increased focus on threat detection and response,” said Ng.

According to Gartner, the centre of the MSS market is structured around three main functional areas, which are overlapping:

  • Delivery platform - This includes SaaS and cloud or locally hosted security services
  • Technology maintenance - Delivering content and overall security device management
  • Security operations - This refers to outcome-based delivery and includes managed vulnerability and incident response services

Ng commented that SOC services, as well as Threat Detection and Response Services, are at the intersection of these areas.

Security services post-pandemic

According to Ng, one of the areas that organizations focused on is endpoint security. Before the pandemic, organisations adopted more EDR (endpoint detection and response) solutions to manage the risks from the increased adoption of technology and Bring Your Own Devices (BYODs) models among enterprises.

He opined that with the rise of XDR or extended detection and response, EDR will cease to exist as an independent category – outpacing projections in the 2020 Gartner Hype Cycle for Endpoint Security. 

“Though EDR is a great investigation tool for endpoint security and SOC operations, security teams need advanced technology to analyse large volumes of data, chase false alerts, and manually fix vulnerabilities,” he continued.

XDR helps to address these challenges by providing security teams with flexibility and extended visibility across clouds, networks, and endpoints, and automated data analysis.

In terms of the provision of these services, he posited two trends on the horizon:

  • SaaS is gaining more traction as more organisations shift to the cloud
  • Many organisations struggle with manpower to meet the rising number of threats and turn to managed services to manage their threat detection and response

The pandemic has contributed to these trends.

“A recent study we conducted highlighted that the number of threats during the pandemic has made a dent on the mental health of over 72% of security analysts in Singapore – and 1 in 5 analysts frequently ignore security alerts. Proper tooling, such as implementing XDR solutions, can significantly relieve security teams,” he added.

Source: Security Operations on the Backfoot, Trend Micro, 2021

Security solution fit for purpose

While Ng acknowledged the availability of solutions in the market, he suggested that organisations consider three areas when evaluating what approach to take:

  • What is exactly the pain point we’re trying to solve?
  • Will these services ensure that we’re compliant with the regulations across different markets?
  • Are we able to manage these services based on the manpower we have?

The type of adequate services will vary based on the size or the industry or organisation.

“For organisations in heavily regulated industries, the priority might be to ensure that data is secure and managed adequately. While SMEs prioritise services that not only optimise and secure critical infrastructure but offer support from security experts, which they very often lack in-house,” he opined.

Influence of emerging technologies

Emerging technologies like artificial intelligence (AI) and machine learning (ML) will play a big role in augmenting the capabilities of security solutions today.

Ng sees AI and ML as automating the processing, filtering, and synthesis of data, and have been increasingly integrated into security tools. They have also been known to improve the detection of advanced threats such as ransomware.

He cautioned, however, that while most of the new generation cybersecurity technologies use AI/ML, data analytics, and more, they also require continuous upgrade and monitoring.

“Without proper professional services or monitoring operations, the efficacy of these solutions suffers. It is therefore important to tap into the expertise of the vendor to effectively integrate these capabilities accordingly,” he elaborated.

Maturing cloud readiness

Ng believed that as organisations in Singapore accelerate their cloud adoption, the demand for cloud security will only increase. This is ultimately what fuels innovation within the space among cybersecurity vendors.

He advised businesses not to overlook the fact that cloud security is a shared responsibility. While cloud providers offer tools to secure the cloud, the business owner and end-user must also be responsible for securing their data.

Regulatory compliance

Ng opined that SaaS is the preferred model for security solutions delivery. However, many customers face regulatory or policy-based concerns around the location of SaaS platforms or data storage for their workloads.

“Based on our interactions with customers, data governance and compliance are increasingly becoming a concern,” he added.

Coming in 2022

“I can foresee that in 2022 and beyond there will be a stronger emphasis on end-to-end security for cloud-native solutions that provide capabilities to detect and protect against vulnerabilities in mixed environments – virtual, physical, cloud and containers.

“We’ll also see more organisations adopting zero trust strategies, where there is no level of trust linked to a user, device or network; rather it is regulated by organisations,” he continued.

The cybersecurity industry is also facing a massive talent problem. Deployment of security services in the cloud and its increased automation will help to reduce the time and resources for threat detection and response.

Moreover, the increased adoption of low-code/no-code security platforms will also be a game-changer when it comes to cybersecurity and developers’ talent crunch. Cloud security solutions require highly skilled developers specialising in security software.

With low-code/no-code software, organisations will be able to rely on plug-and-play solutions and in turn, have their current IT teams trained to work and manage such environments easily.

Related:  The Promise and Caution of Generative AI
Tags: CASBcloud access security brokersendpoint securityExtended detection and responsefirewall as a serviceGartnermanaged security servicessecure web gatewaythreat detection and response servicesTrend Microzero trust network access
Allan Tan

Allan Tan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe