• United States



Contributing Writer

Which Information Security Services are Most Popular?

Sep 12, 20122 mins
Cisco SystemsData and Information SecurityData Center

Enterprises are buying services to supplement internal security and leverage specialized skills

Enterprises are increasing their spending on professional and managed security services. According to ESG Research, 58% of security professionals say that their organization’s use of managed and/or professional services for information security has “increased substantially” or “increased somewhat” over the past 2 years.Just what types of services are they consuming? The list is long and diverse, but according to ESG Research, the top 5 categories are as follows:• 33%: Security architecture and infrastructure design (i.e. professional/consulting services)• 30%: Threat intelligence services• 30%: Network monitoring services• 30%: Security /risk management /regulatory compliance assessment• 29%: Web threat managementBeyond this, they are also purchasing services for email security, vulnerability scanning, penetration testing, and staff augmentation amongst other things.Large organizations typically consume IT services a number of reasons. At the one extreme, they outsource mundane tasks rather than take these on themselves. At the other end of the spectrum, they seek out specialized skills for more esoteric high-value activities. Somewhere in the middle, they purchase services to supplement what they are doing in house. The ESG Research indicates that enterprises are most interested in supplementing internal efforts and paying for outside security expertise. Given the combination of a security skills shortage and the increasingly sophisticated threat landscape, it is highly likely that the security services segment will see healthy growth over the next few years.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author