Close this search box.

Lack of internal skills and tech driving increased outsourcing


More UK businesses are looking to work with third party cybers ecurity specialists, driven by the lack of cyber skills. Nearly 30 percent of UK organisations are either using or planning to use a managed security services provider (MSSP), according to the 2017Risk:Value report – which examines attitudes to risk and the value of information security – from NTT Security, the specialised security company of NTT Group. Comment from Kai Grunwitz, Senior Vice President EMEA, NTT Security.

A global study of 1,350 business decision makers, the Risk:Value report shows that attitudes are changing towards outsourcing a company’s IT security to a third party as cyber threats continue to evolve, stricter compliance measures come into force, and demands on in-house resources are stretched to their limit. According to the report, while only 6 percent of organisations in the UK are using a third party provider currently, 23 percent plan to use one. Another 29 percent say they might consider it in the future, although a minority (11 percent) say they plan to keep their security processes in-house.

Of those UK organisations using or planning to use an MSSP, nearly a third (31 percent) say it is because of a lack of internal skills and 27 percent want access to better technology. More than a quarter (28 percent) of respondents say it is more cost-effective to outsource, although the main reasons for using a third party are for support with data storage (40 percent) and data management (35 percent), as well as assisting with cloud migration projects (15 percent).

Kai Grunwitz, Senior Vice President EMEA, NTT Security, comments: “Many organisations are struggling with a lack of resources, coupled with trying to stay compliant and cope with an increasingly complex security landscape. As threats increase in both complexity and sophistication, corporate IT teams are unable to keep up, and quickly find they lack the skills and technology for early detection and response. Working with a third party security provider not only delivers round-the-clock access to specialist skills and knowledge, but also brings with it the very latest advanced threat detection and analytics technology and capabilities that would be impossible to have in-house without huge capital investment by the business.”

Of those not using a third party provider, around four in ten (43 percent) say do not want to share information with a third party, while a third (34 percent) have security concerns. More than a quarter (26 percent) say they are too expensive. Citing the forthcoming General Data Protection Regulation (GDPR) as a possible driver for companies working with third parties, Mr Grunwitz adds: “The deadline of May 2018 is not that far away, yet there are a lot of organisations that have still not grasped how important this is, or who think it doesn’t apply to them – perhaps because they’re not based in Europe or Brexit is coming. These are not valid reasons to push it under the carpet. This and the wider governance, risk and compliance (GRC) environment is a huge potential growth area for managed security services providers.”According to the NTT Security Risk:Value report, only 39 percent of companies in the UK have identified GDPR as a risk for them, the lowest figure for all of the European countries surveyed.

Global/country figures
Forty-four percent of organisations worldwide (average across all countries) are using or planning to use an MSSP, with 6 percent currently using an MSSP and 38 percent planning to. 28 percent say they might consider it in the future. While 8 percent will never use a third party security provider. Switzerland and Hong Kong (on 12 percent each) are most likely to use a third party provider Sweden, Germany & Austria and Singapore (all 3 percent) are least likely.

Industry sector figures (global)
Financial services companies lead the way in using third parties, with one in ten already using a managed security services provider, while another 43 percent say they plan to use one. The report suggests that other sectors are set to close this gap, with more than half (51 percent) of business and professional services companies interested in bringing an MSSP on board, followed by computer services and technology (49 percent) and manufacturing companies (42 percent). Just 2 percent in Government use an MSSP, while 18 percent never plan to use one.

Research demographics
Commissioned by NTT Security, the 2017 Risk:Value report surveyed 1,350 non-IT business decision makers in the US, UK, Germany and Austria, Switzerland, France, Sweden, Norway, Hong Kong, Australia and Singapore. Organizations have more than 500 employees and were selected across a number of core industry sectors.  Approximately a third of responses are from the financial services sector.

Read more

Latest News

Read More

Religion and belief in the workplace

21 June 2024


Receive the latest HR news and strategic content

Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

Latest HR Jobs

UHI InvernessSalary: £25,971 to £28,432 pa (rising to £27,471 – £29,932 from 01 September 2024)

Our wholly owned social enterprise, Slave-Free Alliance, provides services to global companies and public bodies seeking to protect their operations and supply… £55,000 a yearFrom

Prepare and present HR reports to the executive team and board of directors. The HR Director will lead and manage the Human Resources department, overseeing…From

National Pay Range: £35,711 to £36,545; Inner London Pay Range: £40,912 – £41,567Civil servants applying on temporary promotion will usually be appointed to the… £35,711

Read the latest digital issue of theHRDIRECTOR for FREE

Read the latest digital issue of theHRDIRECTOR for FREE