ISG Provider Lens™ Cybersecurity – Solutions and Services - Managed Security Services - SOC - Switzerland 2023

Several challenges and Swissness characterize the Swiss cybersecurity market

Cybersecurity companies are currently facing various challenges. Increased cyber threats due to the Ukraine-Russia war, COVID-19- related upheavals, which have mostly been overcome, and the long-term trend toward digitization have increased cyberattack surfaces in  Switzerland, necessitating appropriate countermeasures. The weakening of the economy is also causing financial challenges. 

As part of digitization, business processes are increasingly shifting to IT. Digital representation of intellectual corporate property is also on the rise. With the increasing need to protect IT and communication systems, IT security has transformed into corporate security. The COVID-19 crisis has brought challenges to IT security as increasing work from home and the resulting external connectivity of employees have made IT systems more vulnerable to attacks. Since many companies still have employees working remotely even after the pandemic has ended, this challenge is likely to continue.

In addition to increased remote and hybrid work, the rising provision of resources from the cloud has made IT systems more vulnerable. As a result, the zero-touch approach is gaining increased relevance. The principle of never trust, always verify means, among other  things, mutual authentication and continuous monitoring of networks.

Cybercriminals are applying new, sophisticated and complex methods to overcome the cyber defense systems of companies and authorities in shorter time frames. Several devastating cyberattacks have surfaced in the last 12 months. However, a few smaller attacks, such as ransomware attacks, are causing trouble for companies. Therefore, cybersecurity measures must be up to date. More companies and public institutions are overwhelmed due to the shortage of IT specialists, especially in the cybersecurity market. As a result, IT managers and executives are increasingly turning to external service providers, such as managed security service (MSS) providers. Providers and many IT security product vendors are increasingly relying on proactive rather than reactive methods based on  artificial intelligence to defend themselves against threats.

The shortage of skilled workers is driving demand for external cybersecurity service providers in Switzerland.

In addition to the company’s cybersecurity measures, legal regulations are also forcing companies to implement strong security measures to prevent cyberattacks. This applies especially to data protection, a top priority in Switzerland. Here, with the banks, sit companies of great importance whose assets are strongly linked to data. Switzerland has great confidence in its resources. Questioning the data protection agreement with the U.S. has further strengthened this attitude. As a result, IT product and service providers that develop their  offerings in Switzerland are attracting significant interest (due to their Swissness).

This applies especially to operating offerings such as cloud solutions and SOCs. Midsize companies deal with legal data protection requirements while attaching great importance to the Swissness of the provider.

SMEs are an interesting market segment for cybersecurity providers. They have less mature IT security systems than large enterprises but are forced to upgrade due to the security factors described above. They are updating themselves with the latest cybersecurity solutions and the market is accordingly experiencing above-average growth in demand. It is more advantageous for providers to have a balanced customer structure of midsize and large companies to benefit from large accounts’ extensive budgets. The economic slowdown has affected the demand for cybersecurity solutions. Therefore, with their above-average growth in demand, SMEs are becoming an increasingly attractive market segment and also one that needs to be addressed adequately. Offerings meant for  large clients cannot be made available to all SME customers. Instead, go-to-market products, prices and communication must be adapted to the customers’ needs. For providers to be regarded favorably by SMEs, communication and cultural aspects are crucial factors.

Cybersecurity providers that want to grow at an above-average rate in Switzerland should focus more on the needs of SMEs and communicate with them accordingly.

Despite the increasing significance of cybersecurity, IT managers are increasingly struggling to legitimize investments in IT security vis-à-vis stakeholders in the company, especially the CFO. Unlike other IT projects, proofs of return on investment are few and quantifying threat risks is not easy. However, executives are also increasingly recognizing that cyberattacks can lead to massive, possibly existential financial and image damage. Thus, cybersecurity is gaining importance, with senior management becoming more involved in cyber risk management.

Technical issues are not the sole cause of cybersecurity attacks. Users’ careless behavior facilitates many attacks, such as Trojan horse and phishing attacks. In addition to up-todate IT security systems, consulting and user training continue to play an important role.

Organizations must also pay attention to technical threats in the future. Quantum-based attacks represent a new sophistication in encrypting confidential data. The first service providers have already adapted to this with their consulting services.

Identity & Access Management (Products)

IAM is a significant aspect of cybersecurity and will continue to remain so. A major reason for the growing demand for IAM solutions is increasing digitization that necessitates identity protection of users, machines and certain company areas (Industry 4.0).

The constant rise in users, devices and services is increasing the need to manage digital identities. Another factor is the increased work from home due to the pandemic. Many employees are accessing corporate resources remotely, making regulation and control of  access to data and systems even more important.

Data Leakage/Loss Prevention & Data Security (Products)

Interest in data leakage/loss prevention (DLP) solutions has continued to grow significantly in Switzerland in recent years due to various factors affecting data security in organizations. Data and intellectual property have become increasingly important and, in some  cases, existentially significant corporate assets.

The increasing use of private end devices for businesses also poses a challenge in protecting unwanted data leaks as they often escape the company administration’s configuration and control. 

Extended Threat Detection & Response (Products)

Extended Threat Detection & Response (XDR) solutions have gained prominence and traction in the past two years. Organizations want to better understand and contextualize (correlate) the information they gather from the wide range of security tools deployed in  their IT infrastructure. Automation plays a central role in this.

Leading vendors offer behavioral and contextual analytics modules and open integration with other endpoint, network detection and response products. 

Security Service Edge (Products)

Security service edge (SSE) is still at an early stage of maturity and adoption by enterprises. SSE includes solutions that enable enterprises to securely access cloud, facilitate remote work, secure edge computing solutions and support digital transformation. The  growing number of remote and hybrid workers and the transition to cloud have created demand for SSE solutions.

Strategic Security Services

In addition to the acute crises (the Ukraine-Russia war and the COVID-19 effects), companies in Switzerland are facing a wide range of challenges related to IT security and data protection. Increased threats and lack of resources have raised the need for orientation.

In the face of increasingly intense and sophisticated cyberattacks, companies are challenged to protect their IT systems from damage. This has long since affected well-known large companies, public institutions and small- and midsize companies. At the same time, the shortage of IT specialists continues to complicate this situation.

Midsize companies are suffering from severe shortage of IT security specialists. The midmarket segment is thus growing at an above-average rate and becoming increasingly attractive.

Managed security service providers can hardly cope with cyberattacks without artificial intelligence and automation. However, human expertise should not be dispensed with.

Technical Security Services

Due to the rise in sophisticated cyberattacks and shortage of skilled workers, companies and public authorities in Switzerland are increasingly relying on external service providers to keep their IT security systems up to date.

With increasing ransomware attacks, criminals are exploiting users’ careless behavior, such as in the Trojan horse and phishing attacks. Therefore, up-to-date security equipment and training for users are crucial cybersecurity measures.

IT security projects are often demanding and multifaceted. Service providers offering a wide range of technical security services from a single source have a particular advantage.

Managed Security Services (SOC)

The increasingly sophisticated, frequent, complex and versatile cyberattacks and the additional challenges posed by the current crises are driving the demand for MSS. Scarce qualified resources and the need for constantly updated specialist knowledge are additionally putting these services in the focus of Swiss companies.

Large and medium clients appreciate SOCs in Switzerland due to its enhanced data protection laws and providers’ Swissness. For both the target groups, end-to-end security services, integrated solutions comprising IT and related security solutions and a high level of  innovation are important to stay ahead in the race against cybercriminals. 

MSS providers are increasingly using artificial intelligence and automation to deal with cyber threats. Machine efficiency with extensive human expertise is the ideal combination.

In the future, cybersecurity service providers must arm their customers to defend themselves against quantum-based attacks. 

Access to the full report requires a subscription to ISG Research. Please contact us for subscription inquiries.