2. You might need to give up on some of the investments you’ve made.
The taxi driver doesn’t care if you have a fuel can in your basement – you cannot utilize that investment. Let’s take endpoint protection, for the SoC example. A lot of SMEs are using technologies that do not support a SoC mode (meaning you cannot collect audit and event information centrally). And they will have to adopt technologies that do. Moreover, since a SoC-as-a-Service provider can’t manage a large diversified technological stack, it will require the company to use only the technology it supports.
3. You don’t receive individual treatment.
When you are buying a car, you can pick your own configuration, you can fill up at your favorite gas station or use the oil you like best. When you are getting a taxi, you don’t get to choose any of these. Same with SoC aaS – you get the same or similar technology stack, same processes, same SLA, same everything as every other customer of this service.
4. You have to trust the provider (probably the hardest thing).
In general, the Cyber Security business is all about trust. When you give someone that level of access into what is happening in your organization, you actually entrust your business to them. It is very hard for an organization to put so much trust in external entities and it requires time to build it.
Until recently (and even continuing) providers told companies to take measures to detect insider threats. And now they are telling customers to trust them with all their data. Well, it might take a while to convince them.
5. Few companies are providing a real end-to-end SoC aaS.
Because of all of the above, the demand is gaining momentum only slowly. Nevertheless, researchers expect this market to grow by 300% in the next 5 years. And it is already showing – customers are starting to ask, vendors are preparing their technologies to match that model, service providers are building their concepts and business cases.