ISG Provider Lens™ Cybersecurity - Solutions & Services - Managed Security Services - Nordics 2022

Cybersecurity risks surge with digital transformation initiatives

The Nordics is one of the leading regions in the spread and use of digital technologies. The region also leads in broadband availability, quality and affordability. At the same time, the digital divides along the lines of age, education, income and business size in the region are narrowing every year compared to other member countries of the Organization for Economic Co-operation and Development (OECD).

According to the International Institute for Management Development (IMD), Finland, Norway, Denmark and Sweden held four of the top 10 spots in its global digital competitiveness ranking for the past five years. The regions also led in EU’s Digital Economy and Society Index (DESI) for 2020.

As digital transformation evolves, Nordic nations are increasingly facing new opportunities and challenges. Businesses are planning and implementing digital transformation initiatives to focus on four key areas: engage closely with customers, transform their products and services, optimize operations and improve employee experience. While most companies are at different stages of the digital transformation journey, a fully integrated digital business can leverage all four areas to drive growth

Government focus on strengthening cybersecurity strategy

In early 2021, the parliaments of Finland and Norway reported cyberattacks from malicious actors operating out of China. To counter such threats, enterprises have proposed a mutual defense clause in the Nordic Council to deepen their collaboration in the cybersecurity space.

Finland has established the Network Security Advisory Board (NSAB) to help state governments and municipal departments implement and integrate security technologies with advanced cyberrisk and threat monitoring capabilities. The government has increased capital investment funding to boost information security and develop a foundation for a fully functioning digital society.

Norway’s National Security Authority (NSM), which is responsible for preventing, detecting and coordinating the handling of serious digital attacks, will receive NOK 15 million in funding to protect the government against cyberattacks. It also received NOK 40 million for introducing cyberthreat alerts to NSM and plans to allocate another NOK 50 million to fortify its cybersecurity expertise for municipalities. In addition, the Norwegian Center for Information Security (NorSIS) will direct its focus toward improving communication systems, driving national crisis management efforts, setting up a digital security portal for authorities and upgrading security clearance processes.

In late 2021, the Danish government launched a new cyber and information security strategy that will be implemented from 2022 to 2024. The strategy will be focused on strengthening the digital security posture of Denmark to deal with malicious attacks. It builds on the previous cybersecurity strategy and focuses on including broader areas of ministries that are critical for society and heavily dependent on IT infrastructure.

Recently, the Swedish government is commissioning key defense and security agencies to establish a national cyber security center (NCSC). It has allocated SEK440 million to meet the NCSC’s projected operational costs from 2021 to 2025. The center will be critical in implementing the long-term goal of preventing, identifying and responding to the surge of cyberthreats for protecting critical IT infrastructure.

IAM trends

Passwords are a common channel for unauthorized users to access enterprise network. Identity and access management (IAM) has evolved over many years into present-day user authentication, utilizing multiple authentication methodologies to strengthen the overall security posture. Some of the authentication methodologies include two-factor authentication (2FA) and multi-factor authentication (MFA). A few other technologies such passwordless authentication and biometrics have emerged recently and are gaining prominence.

With the increased migration of enterprise applications and data to the cloud, IAM providers are pushed to introduce secure solutions. Consequently, IAM as a service is gaining momentum as a cloud-based solution. Zero-trust architectures that focus on continuous authentication are also gaining prominence against the backdrop of the changing work environment and employee engagement work models. IAM tool vendors are pursuing an acquisitive strategy to offer an integrated and cloud-based solutions with loads of features.

DLP trends

CIOs and CISOs are planning and implementing a zero-trust security model to keep any threats at bay, for which data leakage/loss prevention (DLP) and data classification services are essential. Businesses are wary of the stringent data protection laws. Europe’s GDPR imposes hefty penalties (less severe violations:

€10 million or 2 percent of a firm’s annual revenue; serious violations: €20 million or 4 percent of a firm’s annual revenue) for data breach or non-compliance. DLP will continue to remain the first step toward keeping data safe and reducing the human touch surface.

Data is the fuel that drives enterprises, and a high degree of importance is placed on their security from both intellectual property and personal identifiable information (PII) standpoints. Data loss and theft can have a severe impact on an enterprise’s reputation and growth, inflicting losses of high magnitude.

Other driving factors in this market include privacy regulations, and concerns arising from intellectual property theft and insider threats. DLP has become a necessary security control by some regulations and regulatory bodies.

Advanced ETPDR trends

The increase in the threat surface is driven by the surging levels of online activities and employee online behavior in the Nordics. While traditional security solutions rely on signatures and catalog threat information, they lack the ability to take a proactive security posture. Advanced endpoint protection players are embedding AI, machine learning and behavioral analysis to correlate information and identify and remediate potential threats. As more employees work remotely through unsecured networks, the adoption of advanced endpoint threat protection, detection and response (ETPDR) solutions will continue to see demand.

Organizations are building large data lakes under endpoint detection and response tools to store the collected endpoint telemetry data. This helps identify and analyze potential threats to provide real-time visibility of malicious events and AI-based threat mitigation steps.

Technical security services (TSS) trends

Partnerships are essential for delivering technical security services. Service providers form partnerships with emerging security solution players to meet the digital transformation needs of enterprises and extend the benefits from a technological standpoint. The Nordics region has a large base of service providers that offer security solutions and technical security services.

With increasingly complex operating environments deploying fragmented tools with low utilization and third-party risks, technical security services providers continue to guide businesses through each stage of implementation lifecycle and offer product-certified implementation expertise.

Strategic security services (SSS) trends

Nordic enterprises are constantly looking to strengthen their resiliency from a cybersecurity standpoint, seeking services across risk advisory, governance, maturity assessments, compliance, architecture and training. As assessments and evaluations lead to recommendations for program modifications and tool enhancements, strategic advisors can pass the opportunity to sales and technical staff to introduce managed security service options and integration capabilities within the advisor company’s overall security portfolio. Providers in this space are hiring domain specialists and setting up cybersecurity labs for training, experimentation and forensic investigation to develop skills that can effectively protect organizations.

Managed security services (MSS) trends

With an increase in cyberattacks, enterprises realize the need for advanced levels of protection to protect their assets. Managed security service providers (MSSPs) continue to see a demand for their offerings from businesses with a low-maturity security posture and a need to keep their infrastructure secure.

MSSPs are increasingly engaging with Nordic enterprises to coordinate the incident response team. They have established cybersecurity fusion centers in and around the region to expand and extend security operations support. These are next-generation security operations centers (SOCs) and leverage AI, machine learning, edge computing, blockchain and other technologies to ingest large data volumes with an advanced analytics layer over them to derive insights and predict attacks to help organizations take a proactive stance, instead of a reactive approach. Managed detection and response (MDR) capabilities have become table stakes in helping organizations with threat hunting, intelligence, detection and response.

Access to the full report requires a subscription to ISG Research. Please contact us for subscription inquiries.