A new study by e2e-assure, a Threat Detection and Response provider, has found that nearly half of Financial Services organizations in the UK that fully outsource their cybersecurity function believe their supplier is underperforming. The research revealed underperforming cyber defense systems in 95 organizations surveyed. The study also found that 77% of Financial Services organizations have experienced a cyber attack. Of these organizations, 45% deploy a fully outsourced model for their cybersecurity operations, 40% adopt a hybrid approach, and only 12% run everything in-house.
The top factors that lead Financial Services organizations towards outsourcing their cybersecurity operations include the need to quickly respond to attacks, gain more control over their environment, and build improved resilience against threat actors.
However, the study found that a significant portion of organizations that outsource their cybersecurity operations lack confidence in their provider’s ability to act and respond to security incidents within 30 minutes of detection. Additionally, 28% of organizations reported that their suppliers generate too many false positives.
On the other hand, the study found that hybrid teams, which combine in-house and outsourced capabilities, performed stronger in terms of greater accountability, favorable SLA response times, and promptness in responding to threats within 30 minutes.
The study highlights the need for service enhancements from providers, including flexible contracts that can adapt to the scope of the original contract signing. The recurring necessity to add new service offerings to meet evolving security threats was also flagged as a frustration by organizations.
Overall, the study emphasizes the need for a critical shift to ensure cyber defense providers meet the needs of organizations in 2024. The majority of organizations stated that they will either seek a hybrid solution or seek specialist expertise when they next procure security operations.