A security software-as-a-service solution that continuously scans the entirety of an organisation’s digital assets is perhaps the clearest indicator of how much the cybersecurity world has changed since the old days, when one ad-hoc penetration test and an antivirus would do the trick.
We asked Eoin Keary, CEO and founder of edgescan, to tell us more about this model of security how should ensure they are making an informed choice.
Which organisations should consider adopting a SaaS?
With the majority of organisations not having the bandwidth to maintain an internal cybersecurity team, most businesses would benefit from turning to a cybersecurity SaaS product. Even those who do have an internal team, often struggle to retain staff given the shortage of talent in this industry, making it worthwhile for any organisation to consider a SaaS security model.
As compliance regulations come into effect globally, it is time for even smaller enterprises to realise that they are also potential targets, and that there is a value to their digital assets that needs to be protected.
If you could recommend three features to look for in a SaaS, what would that be?
- Choose a company that has a track record of protecting clients either in your specific industry, or across a wide variety of industries. Making sure that your SaaS provider is familiar with your compliance requirements, as well as your working type of business, is going to make your life a lot easier. Certifications in relation to how data is processed and secured are also important. Expect the operations staff to be certified also such as OSCP or CEH in relation to vulnerability management.
- I believe in the importance of showing results, and an intuitive, easy to action type of reporting can help you to not only justify the return on investment, but also actually improve your overall security posture. You should aim to know at glance how many vulnerabilities there are in your systems, which assets are connected to the network and how long it takes your organisation to remediate a flaw.
- Seek a vendor that will support you. Customer service is what makes any product better, and when it comes to cybersecurity you need to be able to rely on the people that produced the software that will be protecting your most important data. Moreover, as your business changes and expands, your security posture should remain solid. You should be able to have an open conversation with your SaaS provider about how they are serving you and how they will be scaling their service as you grow.