Nir Polak, Co-Founder & CEO of Exabeam, a leading provider of user and entity behavior analytics:
The security expertise shortage is not getting any better; security demands are rising, and the talent pool is not catching up. We’re seeing more CISOs shifting security responsibility outside the enterprise, but only up to a point. Outsourcing is fine for basic functions such as provisioning a new user, but falls apart for security incident response. The MSSP doesn’t have the knowledge, staff, or access to understand how to provide context and respond. As a result, low-level functions go to the MSSP, while high-skill functions such as incident response stay in-house. This leads to more pressure building on the incident-response teams, many of whom are working without a playbook on what to do when they find an incident.