What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-12-04 14:00:00 | How Regional Service Providers Can Grab a Larger Share of the Cybersecurity Market (lien direct) | Security leaders continue to be under intense pressure. Increasingly, they are turning toward third parties for support and expertise as their cybersecurity woes become more dire and it becomes harder to recruit and retain talent. This is reflected in the projected growth for cybersecurity services through 20281 (managed security services, managed detection and response, security consulting, and security professional services). According to Gartner1, end-user spending for all security services will grow from $77.4 billion in 2024 to $116.9 billion in 2028, with a compound annual growth rate (CAGR) of 11.4 percent. Managed detection and response (MDR) is forecasted to be the highest growth area of security services, with a projected 17.1 percent CAGR through 2028. This is in part due to the continued, acute need for support with threat monitoring, detection, and response. However, it’s also due to a growing need for help with risk identification, management and governance, exposure and vulnerability management, and incident readiness due to increasingly stringent requirements by regulators for reporting in these areas. Let’s compare that to the forecasted growth rate of network security products (a 9.9 percent 5-year CAGR, 2023-28, projected to reach $32.8 billion) and security software spending (a 13.4 percent 5-year CAGR, 2023-28, projected to reach $132.0 billion). What’s the storyline? The desire for help and expertise within security is as critical as the need for security products themselves. And, as the threat landscape grows ever-more formidable, especially with adversaries leveraging new AI tech, that need is likely not going to wane. With this growing demand, many, many different (and very large) providers have realized the opportunity in security services and are diving into the security services market for their piece of the “cyber money pie.” This includes everyone from software vendors, telecom companies, cloud service providers, IT service providers and traditional IT consulting firms to global MSPs (managed service providers) and MSSPs (managed security service providers). This is creating a very crowded market, and one in which business models are quickly changing so providers can better compete. For example, many organizations now see some of the big consultancies as a “one-stop shop,” for everything from consulting to MDR. In managed security services, for example, the top 10 MSSPs include (alphabetically): Accenture, Atos, AT&T (LevelBlue), Deloitte, Fortinet, Leidos, HCL Tech, NTT Data, PwC, and Tata Consultancy Services. Together, these providers hold 49 percent of MSS market share worldwide. Extending beyond the top 10 to top the 30 global MSS providers, the total “owned” market share jumps to 88 percent, leaving just 12 percent for the smaller, regional players. The raises several questions. Can the smaller, regional players compete against these big guns? Or, do they have to remain satisfied with fighting over the remaining 12 percent market share globally (which equates to approximately $3.5 million worldwide for MSS in 2025). Is it possible for smaller players to take a portion of the $26 million projected 2025 market share from the top 30? How can smaller, regional players win the security service game? Yes, smaller, regional service providers are going to be the most challenged as the services market continues its rapid evolution, especially as they try to keep up with technology changes, AI’s impact on service delivery, cyber skills shortages, and more. However, they also have an advantage, including the ability to: Specialize in industry or specific tech environments such as OT, cloud, or edge Provide regional context (including culture and language support) Partner with the larger players who can’t be everything to everyone This is wh | Vulnerability Threat Industrial Cloud | Deloitte | ★★ |
|
2023-09-27 10:00:00 | Combiner la sécurité et la sécurité des OT pour une gestion des cyber-risques améliorée Combining IT and OT security for enhanced cyber risk management (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Integrating IT and OT security for a comprehensive approach to cyber threats in the digital age. Historically, IT and OT have operated in separate worlds, each with distinct goals and protocols. IT, shaped by the digital age, has always emphasized the protection of data integrity and confidentiality. In this space, a data breach can lead to significant consequences, making it crucial to strengthen digital defenses. On the other hand, OT, a legacy of the Industrial Revolution, is all about ensuring machinery and processes run without interruptions. Any machine downtime can result in major production losses, making system availability and safety a top priority. This difference in focus has created a noticeable cultural gap. IT teams, often deep into data management, might not fully grasp the real-world impact of a stopped production line. Similarly, OT teams, closely connected to their machines, might not see the broader impact of a data breach. The technical challenges are just as significant. OT systems are made up of specialized equipment, many from a time before cybersecurity became a priority. When these older systems connect to modern IT networks, they can become weak points, open to today\'s cyber threats. This risk is even higher because many OT systems use unique protocols and hardware. These systems, once isolated, are now part of more extensive networks, making them accessible and vulnerable through different points in an organization\'s network. Additionally, common IT tasks, like updating software, can be more complex in OT. The equipment in OT often has specific requirements from their manufacturers. What\'s standard in IT can become a complicated task in OT because of the particular nature of its systems. Combining IT and OT is more than just a technical task; it\'s a significant change in how companies see and manage risks. From the physical risks during the Industrial Revolution, we\'ve moved to a time when online threats can have real-world effects. As companies become part of bigger digital networks and supply chains, the risks increase. The real challenge is how to unify IT and OT security strategies to manage cyber risks effectively. The imperative of unified security strategies According to a Deloitte study, a staggering 97% of organizations attribute many of their security challenges to their IT/OT convergence efforts. This suggests that the convergence of IT and OT presents significant challenges, highlighting the need for more effective security strategies that integrate both domains. Steps to integrate IT and OT security: Acknowledge the divide: The historical trajectories of IT and OT have been distinct. IT has emerged as a standardized facilitator of business processes, while OT has steadfastly managed tangible assets like production mechanisms and HVAC systems. Therefore, the first step towards a unified front is recognizing these inherent differences and fostering dialogues that bridge the understanding gap between IT and OT teams and leaders. Develop a unified security framework: Optimized architecture: Given the distinct design principles of OT, which traditionally prioritized isolated operations, it\'s crucial to devise an architecture that inherently safeguards each component. By doing so, any vulnerability in one part of the system won\'t jeopardize the overall network\'s stability and security. Regular vulnerability assessments: Both environments should be subjected to periodic assessments to identify and address potential weak links. Multi-factor authentication: For systems pivotal to critical inf | Data Breach Tool Vulnerability Threat Industrial | Deloitte | ★★ |
1
We have: 2 articles.
We have: 2 articles.
To see everything:
Our RSS (filtrered)
