Once a threat is detected, the threat-management system should prioritize responses by factoring in business context to help expedite support to the parts of the business that will be most affected. Doing so will require a database of relevant information—such as asset inventories, sensitive data types and infrastructure—to intelligently filter, prioritize and contextualize threats. The complexity and scope of real-time threat management may require the expertise of a TOC, which can employ sophisticated, cloud-powered analytic techniques to deliver rapid insights into cyber-risks. TOC teams do so by providing real-time, 24/7 monitoring as well as targeted searches and analytics on an organization’s historical security data. After a threat intelligence solution has been designed and deployed, businesses often find it a challenge to operate and continually improve the system. Increasingly, they are turning to managed security services to help monitor the digital ecosystem, respond to incidents and share threat intelligence. Managed security services can also help businesses address two other ongoing challenges: The global shortage of skilled cybersecurity workers and perennial budget constraints. The cybersecurity talent squeeze, in particular, is likely to drive more organizations to turn to third parties for help running some or all of their security programs. It is also likely to change the business case for managed security services. “We think there’s a market that is focused on the difference between the talent that exists in an organization and low-cost routine managed services,” said O’Hara. “We see a new model for managed services that provides value-add to a business and access to talent that companies cannot employ full-time on their payroll .” In other words, managed security services is an outsourcing model that may redefine how businesses operate their cybersecurity and privacy programs. 15 Key findings from The Global State of Information Security® Survey 2017 © 2016 PwC