Yes or No? When to outsource security monitoring to a service provider

Share this post:

Who would not agree that in this day and age security monitoring is a must?

As the market-leading SIEM vendor we have, however, no illusions about the amount of effort required to get a security monitoring platform up and running. Let alone, what it takes to keep it current and useful. Many of our customers lack the time and people needed to reap the benefits from monitoring systems and gain that much-needed visibility into threats. This is often the initial trigger for managed security monitoring.

There are a variety of use cases that make a lot of sense for managed security monitoring. These include device monitoring and alerting, advanced detection and compliance reporting. In some situations, however, it doesn’t work out as well. Networks with highly sensitive intellectual property or without any kind of external access, for example, have little use for managed security monitoring.

Ultimately, the choice to investigate a managed service involves the reality that a service provider may be able to move faster and be more effective than internal resources. The service provider can invest in tools and personnel across many customers; a typical enterprise cannot.

Before you approach a managed security vendor (such as IBM), you may want to learn more about the drivers, use cases and partner selection criteria of managed security monitoring. This concise paper by Securosis, an independent research and analysis firm, will give you a good start.

Download the whitepaper by Securosis on Managed Security Monitoring