MSSPs the answer to detect-and-respond skills drought, says Gartner

Security spending is shifting from prevention-only approaches towards detection and response, but end-users lack the skills to make the switch effectively, analyst concludes

Managed security services providers (MSSPs) and consultancies will find themselves in hot demand as end users grapple with a mounting skills shortage around detecting and responding to security threats.

That's according to Gartner, which predicts that a drive among organisations to fortify their detection and response capabilities will drive the majority of security market growth over the next five years.

Global information security spending will leap by 7.6 per cent this year to hit $90bn, before topping $113bn in 2020, the analyst predicted.

Traditional preventative IT security defences such as anti-virus and firewalls have come under fire in recent years for failing to successfully block modern-day security attacks.

This has forced more firms to redirect some of their security budgets towards identifying attacks once they have happened and mitigating against them.

However, Gartner noted that many organisations are so ingrained in the preventative techniques they have relied on for decades that they have yet to develop sufficient know-how around detection and response strategies.

This has created a skills vaccum that is leading them to seek external help from security consultants, managed security service providers and outsourcers, Gartner said.

"The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years," said Sid Deshpande, principal research analyst at Gartner.

"While this does not mean that prevention is unimportant or that chief information security officers (CISOs) are giving up on preventing security incidents, it sends a clear message that prevention is futile unless it is tied into a detection and response capability."

The market shift to detect and respond has spawned new security product segments such as deception, endpoint detection and response (EDR), software-defined segmentation, cloud access security brokers (CASBs) and user and entity behaviour analytics (UEBA), Gartner said.

But their emergence has been at the expense of other areas, including data and network security, it added.

The current penchant for detection and response isn't all good for MSSPs, meanwhile, Gartner warned: the emergence of specialised managed detection and response (MDR) services is actually a threat them, it claimed.

"The rising number of point solutions in the security market that address detection and response is creating sprawl and manageability issues for CISOs and security managers, driving spending for management platforms and services that are better integrated with adjacent markets," it explained.