Cohesity has extended its Cyber Event Response Team (CERT) service to include third-party providers of incident response platforms, including Palo Alto Networks Unit 42, Arctic Wolf, Sophos, Fenix24 and Semperis.

Chris Hoff, senior product marketing manager for Cohesity, said the goal is to make it simpler for organizations to invoke a backup and recovery service, at the moment a cybersecurity incident is discovered.

Ultimately, the biggest cost of any cybersecurity incident is downtime, noted Hoff. The longer it takes to identify and remediate issues the more financial pain there is going to be, he added.

The Cohesity CERT service is designed to provide organizations with additional recovery expertise at what is usually one of the most trying moments they are likely to endure. One of the reasons so many organizations capitulate to ransomware demands is that it simply takes them too long to recover pristine copies of their data. The cost of the downtime to the business is usually a lot higher than the actual ransomware demand. Cybercriminals have in recent years become a lot more adept at estimating the cost of downtime to a business as part of an effort to determine just how much money to demand for returning access to data.

Most organizations can’t afford to fully staff a cybersecurity team that would be required to deal with a major cybersecurity incident that is only going to randomly occur. Cohesity is making a case for a service that organizations can invoke to augment whatever cybersecurity expertise an organization might have. The alliances with third-party vendors help reduce the cost of delivering that service by ensuring application programming interfaces (APIs) between incident response and data protection platforms are already in place, said Hoff.

The Cohesity CERT service also leverages a Data Security Alliance that Cohesity created to make simpler data across a wide range of cybersecurity tools and platforms, he added.

As the volume and sophistication of cyberattacks continue to grow, the number of incidents that organizations need to manage is only going to increase. Most organizations are already finding it difficult to hire and retain cybersecurity expertise so the only way to fill that gap is to rely more on external services.

There is, of course, no shortage of cybersecurity services that organizations can employ. The challenge now is determining which cybersecurity roles and functions should be managed by an internal team versus relying on a service that charges a fee for delivering a specific set of capabilities.

Regardless of approach, the cost of ensuring cybersecurity will continue to increase as the tactics and techniques employed by cybercriminals continue to evolve. While it may be feasible to reduce costs in some areas by rationalizing tools, each time a cybercriminal exploits a new attack vector it doesn’t obviate the need to continue to thwart the previous generation of cyberattacks. Cybercriminals will simply use every avenue available to achieve their aims.

Unfortunately, those cybercriminals, as always, only have to be right once to unleash all kinds of potential havoc that more organizations than anyone cares to admit are not prepared to handle.