Lack of internal skills and access to better technology driving UK businesses to partner with managed security services providers – NTT Security 2017 Risk:Value report
25 October 2017
Companies also look to third parties for cost efficiency, cloud and data management support
London, UK; 25 October, 2017 – More UK businesses are looking to work with third party security specialists, driven by the lack of cybersecurity skills and the need for better technology. Nearly 30 per cent of UK organisations are either using or planning to use a managed security services provider (MSSP), according to the 2017 Risk:Value report – which examines attitudes to risk and the value of information security – from NTT Security, the specialised security company of NTT Group.
A global study of 1,350 business decision makers, the Risk:Value report shows that attitudes are changing towards outsourcing a company’s IT security to a third party as cyber threats continue to evolve, stricter compliance measures come into force, and demands on in-house resources are stretched to their limit.
According to the report, while only 6 per cent of organisations in the UK are using a third party provider currently, 23 per cent plan to use one. Another 29 per cent say they might consider it in the future, although a minority (11 per cent) say they plan to keep their security processes in-house.
Of those UK organisations using or planning to use an MSSP, nearly a third (31 per cent) say it is because of a lack of internal skills and 27 per cent want access to better technology. More than a quarter (28 per cent) of respondents say it is more cost-effective to outsource, although the main reasons for using a third party are for support with data storage (40 per cent) and data management (35 per cent), as well as assisting with cloud migration projects (15 per cent).
Kai Grunwitz, Senior Vice President EMEA, NTT Security, comments: “Many organisations are struggling with a lack of resources, coupled with trying to stay compliant and cope with an increasingly complex security landscape. As threats increase in both complexity and sophistication, corporate IT teams are unable to keep up, and quickly find they lack the skills and technology for early detection and response. Working with a third party security provider not only delivers round-the-clock access to specialist skills and knowledge, but also brings with it the very latest advanced threat detection and analytics technology and capabilities that would be impossible to have in-house without huge capital investment by the business.”
Of those not using a third party provider, around four in ten (43 per cent) say do not want to share information with a third party, while a third (34 per cent) have security concerns. More than a quarter (26 per cent) say they are too expensive.
Citing the forthcoming General Data Protection Regulation (GDPR) as a possible driver for companies working with third parties, Mr Grunwitz adds: “The deadline of May 2018 is not that far away, yet there are a lot of organisations that have still not grasped how important this is, or who think it doesn’t apply to them – perhaps because they’re not based in Europe or Brexit is coming. These are not valid reasons to push it under the carpet. This and the wider governance, risk and compliance (GRC) environment is a huge potential growth area for managed security services providers.”
According to the NTT Security Risk:Value report, only 39 per cent of companies in the UK have identified GDPR as a risk for them, the lowest figure for all of the European countries surveyed.
- 44 per cent of organisations worldwide (average across all countries) are using or planning to use an MSSP, with 6 per cent currently using an MSSP and 38 per cent planning to. 28 per cent say they might consider it in the future. While 8 per cent will never use a third party security provider.
- Switzerland and Hong Kong (on 12 per cent each) are most likely to use a third party provider
- Sweden, Germany & Austria and Singapore (all 3 per cent) are least likely.
Industry sector figures (global):
- Financial services companies lead the way in using third parties, with one in ten already using a managed security services provider, while another 43 per cent say they plan to use one
- The report suggests that other sectors are set to close this gap, with more than half (51 per cent) of business and professional services companies interested in bringing an MSSP on board, followed by computer services and technology (49 per cent) and manufacturing companies (42%)
- Just 2 per cent in Government use an MSSP, while 18 per cent never plan to use one.
Download the 2017 Risk:Value report: https://www.nttsecurity.com/en-uk/risk-value-2017
Notes for editors:
- NTT Security is recognised as a Challenger in the Gartner Magic Quadrant for Managed Security Services 2017: https://www.gartner.com/doc/3579052/magic-quadrant-managed-security-services
- NTT Security is positioned as a Major Player in the IDC MarketScape (2017) for Worldwide Managed Security Services. https://www.idc.com/getdoc.jsp?containerId=US41320917
Commissioned by NTT Security, the 2017 Risk:Value report surveyed 1,350 non-IT business decision makers in the US, UK, Germany and Austria, Switzerland, France, Sweden, Norway, Hong Kong, Australia and Singapore. Organizations have more than 500 employees and were selected across a number of core industry sectors. Approximately a third of responses are from the financial services sector.
About NTT Security
NTT Security is the specialized security company and the center of excellence in security for NTT Group. With embedded security we enable NTT Group companies (Dimension Data, NTT Communications and NTT DATA) to deliver resilient business solutions for clients’ digital transformation needs. NTT Security has 10 SOCs, seven R&D centers, over 1,500 security experts and handles hundreds of thousands of security incidents annually across six continents.
NTT Security ensures that resources are used effectively by delivering the right mix of Managed Security Services, Security Consulting Services and Security Technology for NTT Group companies – making best use of local resources and leveraging our global capabilities. NTT Security is part of the NTT Group (Nippon Telegraph and Telephone Corporation), one of the largest ICT companies in the world. Visit nttsecurity.com to learn more about NTT Security or visit www.ntt.co.jp/index_e.html to learn more about NTT Group.