There are many disciplines involved in managing a business. Most companies have multiple teams or departments—including executive leadership, product development, marketing, sales, human resources, IT, and finance—necessary to keep the wheels turning and make the business successful. Depending on the size of the company, these roles may be filled by individuals, or they could be entire teams or departments of people, dedicated to that function. In many cases, though, there is a solid case to be made for outsourcing some of these functions. This is particularly true when it comes to cybersecurity.
Taking a Few Laps
Let me illustrate with a personal story.
Alert Logic invited partners and customers to an offsite event last year during AWS re:Invent. We went to Exotics Racing outside of Las Vegas to let people enjoy taking various exotic cars out for a few laps. There were Ferraris, Lamborghinis, McLarens, and more to choose from.
It’s not a cheap activity, so most Alert Logic employees were not offered the opportunity to drive a car themselves. We were, however, invited to go on a ride-along. Rather than driving an exotic sportscar ourselves, we rode in a Dodge Charger SRT Hellcat, driven by a professional driver.
I won’t lie. I was initially disappointed. I mean, who wouldn’t want the chance to race around a legitimate racetrack in a Ferrari? In retrospect, though, I am grateful for the ride-along because it ended up being a significantly more exciting experience than what most people got.
You see, our driver was a professional. His entire job is to race this Charger SRT Hellcat around this track and drift through the turns. He was intimately familiar with both the vehicle and the track, so he could get the maximum speed and excitement out of the experience for us.
Meanwhile, there were people “racing” Ferraris and McLarens at 35 miles per hour because they weren’t familiar with the vehicle or the track. They were intimidated by the vehicles. They were concerned about entering turns too quickly and losing control.
I know how to drive a car. I’ve been doing it for many, many years and consider myself to be better than average. As good as I am, though, there is no way I could have had an experience remotely similar had I driven a car myself that night. I could have done a pretty good job. I’d like to think I would have gone over 35 miles per hour and been able to take the turns without coming to a complete stop. No matter how good I might do, though, there is no way I could compete with the professional driver. That is his business. That’s what he does—and he is paid to be the best at it.
You Don’t Have to Do Cybersecurity Alone
Cybersecurity is similar. With enough time, money, and effort, any organization can theoretically manage their own cybersecurity. For those who are tech savvy and have some experience with cybersecurity, it may even seem like it’s not that challenging. You will have a much smoother experience and more effective cybersecurity, however, if you partner with cybersecurity professionals who are dedicated to that task.
I get it. When you consider that the goal of cybersecurity is to protect things like corporate trade secrets, and sensitive data like financial records and the personally identifiable information (PII) of employees and customers, it seems like allowing a third party to monitor and protect your networks, applications, and data might be more of a risk than a benefit. However, when you consider that cybersecurity is not a core strength of your business, it actually makes more sense to partner with cybersecurity professionals who know what they’re doing than to risk attempting to protect it yourself.
If you look at it from the perspective of ensuring you get the very best cybersecurity, working with a trusted third party that does cybersecurity for a living is the better option. They have the cybersecurity professionals with the knowledge and skills required. They have extensive threat intelligence and experience recognizing and blocking threats or responding quickly when necessary. It’s their business. It’s what they do.
Now, what if I add in cost? A recent Forrester study found that a composite average “organization” experienced benefits of over $1 million over three years versus a cost of just over $200,000 by partnering with Alert Logic for cybersecurity. Not only do Alert Logic customers sleep better at night—knowing cybersecurity professionals are keeping an eye on things—but they get that peace of mind with an ROI of over 400%.
You can do it yourself, but why would you?