Outsourced cybersecurity: 42% of companies choose MSP/MSSP

42% of companies in Russia turn to managed IT and information security service providers (MSP/MSSP) due to the lack of their own information security specialists, according to research Kaspersky Lab.

The same number of companies (42%) work with companies in the field of information security on outsourcing due to higher efficiency and the need to comply with the requirements of regulators. Lack of experience in the field of cybersecurity within organizations was noted by 36% of respondents, and 32% chose outsourcing to optimize the cost of staff support and IT infrastructure development.

More than 45% of companies deal with more than four cybersecurity service providers per year, and 38% deal with two or three. According to the survey, misuse of IT resources by employees (58%), DDoS attacks (46%) and incidents with service providers (21%) require the most effort and assistance from external security experts.

Respondents also identified threats caused by the exit of a number of vendors from the market and the difficulties that arose during the operation of their solutions: every fifth (19%) survey participant reported software vulnerabilities and zero-day exploits, as well as attacks by cryptominers, 18% reported incidents in the IT infrastructure installed by suppliers, for example, servers, 16% – about incidents with the services of the Internet of things used by companies or with third-party cloud services (15%).

The study was conducted in 2022 among 3,230 professionals from companies with more than 50 employees.