Four ways Managed Security Services can maximize cybersecurity return on investment

This audio was created using Microsoft Azure Speech Services

In my last post, I discussed the important role of Managed Security Service Providers (MSSP) in reducing Operational Technology (OT) cybersecurity risks and their services. It’s no secret that OT decisions are heavily determined by the value or return on investment (ROI) they will make.

For Managed Security Services (MSS), while having third-party experts as a second set of eyes on your systems and supporting you in reducing risks and responding to any issue is great, quantifying its ROI is challenging. However, four key areas help make the business case.

Defining the value of MSS

MSS providers can provide industrial companies value in four key areas.

 1. Increase the value of previous cybersecurity investments

• Are your existing cybersecurity controls optimized for your unique environment?
• Are they maximizing the features of your investment?
• Are they being monitored, updated, and validated to see if they operate correctly, even part of the time?
• Are they sitting in the server room collecting dust without being used since the first few months they were implemented?

Balancing time and skilled resources to consistently monitor, update, and tune cybersecurity efforts with revenue-focused business activities is challenging. It is easier to focus on bottom-line-related issues and let cybersecurity program upkeep stack up over time to become almost unmanageable. Over 70% of businesses feel they have mismanaged 25% to 100% of their cybersecurity investment by failing to remediate threats.

This is where an MSSP can support your program, helping to keep existing security investments current and ensure it’s online and working as intended.

2. Reduce operational costs by running your own program

Running an in-house security program is expensive. Depending on the size of your operations, it could take 8-10 people for 24/7 monitoring, costing $800K-$1M a year, excluding the programs’ infrastructure expenses. Don’t forget to consider the time and cost to hire and train staff, which could add months or even years to your implementation schedule.

You can instead contract with MSS for a fraction of the cost and have an even larger team of cybersecurity analysts with a broad perspective on industry and threat landscapes, reduced infrastructure costs, and almost immediate time to value.3.

3. Increase time to value of new security investments

As the cyber threat landscape grows and regulations increase, more cybersecurity investments are inevitable. Due to learning curves, tuning, and implantation time, companies typically take about six months to realize value from a security investment.

Instead of training your internal team or hoping they have the skill sets required to onboard new technologies, an MSS team has likely seen the exact technologies in various environments to more quickly onboard and help you realize value from the investment.

4. Minimize costs from a breach scenario

For 2023, the average global cost of a data breach is reported at $4.5M. With preventive measures coupled with prompt incident discovery, MSS can help reduce the time it takes to detect a breach and respond quickly to reduce its associated costs.

IBM reports that breach identification can take 207 days plus another 73 days to contain it. Further, breach detection and escalation costs are increasing to become the largest data breach expense, suggesting longer and more complex breach investigations.

With Managed Security Services Schneider Electric can monitor your environment 24/7/365 to identify anomalous activity and potential breaches. All alerts are quickly triaged, with incident response procedures provided if required.

Assessing an MSSP

As a rapidly growing field, some industrial companies might feel overwhelmed to sift through MSS providers to find the right match. To do so, we suggest accessing three particular attributes:

1. Proven OT experience. Manufacturing operations are complex, with unique challenges in new IIoT technologies, regulatory requirements, and incident handling procedures. MSS providers should have expertise in OT and cybersecurity to develop security processes that address their challenges.
2. Strong reputation. Providers should have proven experience delivering services in your segment, region, and technology stack. They should be equipped to develop tailored solutions aligned with your organization’s needs – not just standard, menu-based offerings).
3. Ability to scale. Providers must maintain commitment as your organization grows, makes acquisitions, and/or expands into new territories.

Optimizing cybersecurity starts with an assessment

To find the right cybersecurity investment, you must first understand what you’re doing well and where you need help. To figure this out, I recommend starting with a third-party assessment, providing an unbiased view of your vulnerabilities, risk environments, policies, and procedures.

Often, this outsourced investment results in several quick wins, offering cost-effective improvements to your current cybersecurity program. For example,

• Identifying 5-10 misconfigurations can improve security for hundreds of IIoT devices — a small investment with a big impact.
• Providing a roadmap for future security upgrades that align with your business objectives and local regulatory requirements.

Schneider Electric™ OT control systems and power infrastructure experts run best-in-class security operations centers overseeing MSS operations across a global customer set. Our teams are world-class experts in cybersecurity science and global/local regulatory compliance. To connect with the team on our MSS solution, email us at cybersecurity-services@se.com.

I spoke on this topic with Greg Hale of ISS Source on his Today with ISS Source podcast — scroll to find the episode titled “Value of Managed Security Services.”