If you are still seeing the Middle East and Africa as one homogenous territory, which can be addressed by a single, static solution, then you’re likely to be challenged when it comes to the applicability and operational efficiency relating to Managed Security services. One needs to acknowledge that you are working across a region that includes 70 very different individual countries, each with their own cultures; languages; traditions; challenges; rules and regulations; and a diverse level of ICT related infrastructure. That’s why it’s so critical for the development of managed security services to be provided in context, and specifically in the context of the country in which your organisation operates.
What to look for in a cybersecurity partner
The cybersecurity industry isn’t new. There are several industry leaders that have been working hard to protect their clients for decades, who offer almost the same services as each other. As the threat landscape continues to evolve, however, it’s becoming more important to assess your needs holistically and find a partner who can co-create, co-innovate and co-implement with you to ensure that you have the most appropriate solution that speaks to your organisation’s business continuity as a whole, and takes into account the nuances as a result of the different countries they are domiciled in.
A good place to start is to look for a partner that can offer local development capabilities; a large global footprint; the ability to leverage the assets, knowledge, and skillset of a larger group; the desire to co-develop and co-solve with you; and the attainment of cost efficiencies.
What is important to you?
According to NTT’s research, the Middle East and Africa (MEA) is in the initial stages of cyber-maturity, however the region’s ambitions to aggressively increase their maturity are amongst the highest globally. In order to achieve these ambitions, MEA-based organisations will need to take a more comprehensive stance on security. Companies will need to implement a managed solution that not only contemplates cybersecurity risks, but also has the ability to carefully consider and manage the governance, risk, and compliance aspects of the broader business.
If your business experiences a major incident, be it cyber related, a fire or flood, or even unrest, you need to know that you have a comprehensive business-continuity strategy, and a disaster-recovery strategy in place that will ensure minimal downtime and disruption. While such disruption could result in massive losses for a business, increasingly the expectation from a governance, risk and compliance perspective, is to invoke a disaster recovery plan (DR), where you are able to physically relocate the bulk of your most critical team members to a new, secure operating environment, and have minimal business resumption in a matter of hours. Physical Work Area Recovery (WAR) is increasingly becoming a necessity as opposed to a luxury. Your managed security service provider (MSSP) should ideally be able to extend their capabilities to provide full business continuity, not just cyber-related risk-mitigation strategies.
Choose a local MSSP that is part of a larger group, they will have greater insight into the threat landscape. There is a lot of value to be derived from being part of a very large, managed service provider. From a security perspective, they will have broader sight of the attack vectors that threaten the ICT landscape. The larger the organisation, the more oversight they have because they are covering more logs and attack vectors. Understanding the potential threats from billions of logs is more valuable than insights from millions. Having the platforms and tools in order to handle the mass of information and distinguish between critical and non-critical logs is imperative.
It’s important to understand — both as a MSSP, and as a client — that local in South Africa is very different to local in Kenya, or local in Saudi Arabia, or the United Arab Emirates. Local infrastructure plays a huge role in deciding how to develop the best possible solutions for a business. When solutions are built for businesses in emerging countries, developers need to ensure they account for the inherent infrastructural instability in the specific location, and plan accordingly. It is therefore imperative to use a provider who has access to these local insights, and who is focused on building those skillsets locally rather than just exclusively offshoring them.
Does your provider focus on developing the right local skills? People working in this business need to understand that it is their daily job to defend their clients from attacks, and they need have a clear understanding that they are the first, second and third line of defence. They need to be on the look-out, hunting for possible threats all the time. It takes a particular psyche to be able to work in defence-mode all the time. This kind of culture is not something you can typically develop in a shared operations environment; it needs to be in a dedicated security environment.
Ask yourself whether your MSSP can customise solutions for you. Further to this, while some companies might prefer to use an internationally based MSSP, it’s not always possible from a regulatory perspective. What we’re seeing a lot of in emerging markets, is that there are a host of smaller organisations for whom such large-scale solutions just aren’t appropriate, and there is a need for greater customisation of solutions. Choose an MSSP that can adjust their solutions to work more appropriately for your business environment. That willingness to co-develop specific solutions for clients in various countries is what can set an MSSP apart.
At the end of the day, you should be looking for an MSSP that is willing to partner with you, that is willing to invest in your business, and that you have absolute trust in. Managed Security Services is but one element of the broader governance, risk, and compliance requirements. A partner that has the capability to fulfil the broader organisational resilience requirements is increasingly imperative.