Cybersecurity consulting – what do clients need today?

Erin is the Senior Analyst and Lead for IT Consulting Research for Kennedy Consulting Research & Advisory

In honor of National Cybersecurity Awareness Month (October), I thought it fitting to touch on the drivers for cybersecurity consulting services.

It is no secret that cyber-attacks are more prevalent and sophisticated today than last year (and maybe even last week). This, along with the fear of being the next company splashed all over the news due to a cyber breach and having to shell out the big bucks to rectify damage, perform an investigation and invest in preventing a repeat attack, are driving companies of all shapes and sizes and across geographies and industries to invest in cybersecurity. Including cybersecurity consulting services, which is a good way for a company to sort-out and understand which IT investments will help reduce the chance of a cyberattack, better predict an attack and minimize damage.

There are several key factors at play driving cybersecurity consulting client spend:

  1. The shortage of highly skilled cybersecurity experts is a very real issue. Clients are using consultants to vet cybersecurity candidates, as a sounding board for cybersecurity IT decision making and to temporarily fill skills gaps.
  2. Many companies lack cohesive cybersecurity methodologies and/or do not keep them current. Consultants are playing a key role in developing a holistic approach to cybersecurity that encompasses prevention, detection, response and remediation, and aligns with a company’s risk profile.
  3. The continuously growing pool of external and internal information allows for more timely insight into anomalies and threats. Consultants are engaging with clients to establish data collection, data storage and analytics practices that promotes real-time actionable insight.
  4. As cybersecurity continues to climb in the list of client priorities, there is more involvement from the top and a greater understanding that an assortment of plug-and-play security solutions are not the answer. Many clients now seek services from consulting firms that can not only provide granular, technical expertise, but also provide strategic execution and management of an integrated cybersecurity engagement.
  5. The cybersecurity/data privacy compliance and regulatory environment is dynamic and especially complex to keep up with for multi-nationals. Consulting firms with local and specialized cybersecurity and legal expertise on a global scale are a crucial component to establishing and maintaining compliance across all geographical locations.

A company will never be 100% secure from a cyber-attack, but engaging with cybersecurity consulting experts will help minimize the risk and decrease vulnerabilities.

Happy National Cybersecurity Awareness Month.

Erin is the Senior Analyst and Lead for IT Consulting Research for Kennedy Consulting Research & Advisory

Service Line: