We should do what we do best, right?
We live in really interesting times, with a pace of development that is completely unprecedented. All in all, this is marvellous, but it also means that an ever-growing number of people need to learn new technologies and work procedures. And this a positive thing, provided there's enough time for it. Which isn't always the case.
That's why I believe we need to start thinking more about where our own skills can have the most benefit. This may seem obvious, but owing to today's shortage of IT technicians – a shortage expected to become more pronounced in the months and years ahead – we have to make this a greater priority.
One area that has truly experienced an upsurge over the last few years involves managed security services, i.e. Security Operation Centres. By making use of a partner's expertise and services, these Centres are able to detect and respond to various security-related incidents. Together, they decide what is to be included and how to jointly handle these incidents. This can involve everything from different forms of cyber-attacks against organisations to creating a real-time situational overview. The crux of the matter is that this, much like everything else in a connected and integrated world, is something that must be done continuously, around the clock. For instance, it's not possible to shut down security operations over the summer, as it is during this time that threats are most severe.
This is where prioritisation comes in. If we want our own staff to manage these threats, considerable effort is required to retain skills within security and specific products. Or one can choose to entrust the help of a partner who is able to manage the company's security-related incidents and those of others. This means a partner is often better suited to the task than an individual organisation.
Although everyone has different circumstances, we all have the same problems. The current pace of development will, in all likelihood, make it difficult and resource-consuming for an individual organisation to address these issues alone, which is why I feel it's important to get a head start and determine how such a solution would work for the organisation. Naturally, there are a multitude of rules and regulations which demand – or will demand – major investment into the area. But I still think the central question is:
Is it worth an organisation's time to build up proprietary capabilities or is it more important for the organisation to continue developing its core services or products together with customers, partners and even competitors?
In other words, we should do what we do best, right?