July 7th, 2020 by Ethos Technologies
A common concern we hear about cyber defense and IT network management is staffing. Many customers say they would need to double their security headcount to maintain the same level of protection when we speak to a full-service solution.
One large U.S. healthcare provider with an employee count of 4,500 employees, 80 of which were dedicated IT staff recently made the move to co-managed IT. With three of their IT staff members being solely dedicated to cyber security and threat detection.
There are some great statistics that back-up the argument for migrating to co-managed IT:
50% reduction in IT security headcount; meaning no need to hire additional full-time staff
After a system analysis the company had a need to hire three additional security IT staff, an increase of 100% due to the manual work to identify what was happening on their network. Their co-managed IT solution now proactively identifies the issues and automatically resolves 95% of cases before they become issues allowing the 3 current staff to focus of remediation for the nominal number of issues that still require human interaction.
90%+ reduction in time spent on day-to-day cyber security administration
Their IT security manager spend 3-60 minutes daily reviewing incident logs and investigating response need. Additional time was needed to resolve issues and that could take hours. With co-managed IT all data is consolidated in a single management platform and presented in a consistent format, making it easy to identify and respond to issues. This removes the onerous daily task of mapping data across multiple sources to try to identify suspicious vs. malicious vs. benign.
85% reduction in the number of security incidents leading to significant reduction in the downtime for the entire organization
As a hospital they hold large quantities of sensitive Personal Identifiable Information (PII), as well as payment information, making them a target for cyber criminals. Prior to co-managed cyber defense, the experienced on average three incidents each day that were worthy of further investigation. That average has dropped to one every three days.
90%+ reduction in time to investigate an incident
Conducting a thorough investigation into an incident took around 3 hours which included getting local access to the affected computer. Now it take a maximum of 15 minutes with everything done remotely. Previously the team would need to disable the network adapter and the physically get to the device to investigate and resolve the issue before manually reconnecting. They would also need to accommodate their users’ workflows; for example, waiting until a doctor wasn’t treating a patient before gaining access to that system for remediation. The ability to isolate the device enables the team to investigate the issue remotely without impacting user and system availability. The reduced investigation time and ability to manage everything remotely also significantly reduces disruption to other users within the hospital.
Another major benefit is continuous protection during investigation. Instead of removing devices from the network for manual investigation and forcing updates to be done (also) manually at a later time, co-managed solutions isolate a device to investigate an issue while it remains online and continues to receive protection updates.