March 26, 2018
For any organisation, partnering with a Managed Security Service Provider (MSSP) is now a necessity given the frequency and complexity of the advanced cyber threats we face – daily.
In addition to the cost and complexity of setting up and operating a 24/7 SOC (Security Operations Centre), organisations simply cannot keep pace with the sophistication, diversity and scale of these threats on their own. Teaming up with an MSSP is now a security best practice, helping avoid data breaches (and aiding compliance with GDPR), as well as keeping costs and resources focused on core business objectives.
So what questions should you ask if you’re outsourcing your Managed Security Services?
You’re searching for an MSSP. It is a really important decision – a partnership, where both parties will invest time and energy to help safeguard your Enterprise.
Before you start, it is important to remember that partnering with a Managed Security Provider provides a number of ancillary benefits – helping remove pressure from your internal IT teams, ensuring they can concentrate on performing core operations and enabling the business.
In most cases, on-going business and IT transformation projects go hand-in-hand with security. As your workforce becomes increasingly mobile, how will this impact your security?
Essential Requirements of a Top-Tier MSSP
- 24x7x365 security monitoring & support
- In-house expertise – across technologies
- Virtual SOC – and virtual NOC
- Technology implementation
- Customer focus
With this simple checklist, you’ll be able to narrow down your search for an MSSP that stands out from the rest.
1. 24x7x365 Security Monitoring & Support
Having full round-the-clock security monitoring and support is a necessity. Unfortunately, hackers (and other threats) do not just strike between 9 and 5.
While it may seem like a given, the investment in facilities and human resources required to provide a 24/7 security monitoring facility is significant. For this reason, many security teams operate with ‘eyes-on-screen’ between 9 and 5. If that’s the case, then you are at significant risk – and no better off than an in-house team.
As we’ve seen with WannaCry, attacks can occur at any time, so it’s crucial that the MSSP you consider offers 24/7 security monitoring and support.
In particular, with the increased compliance requirements of GDPR, you will want to know that you’ve left your IT security in safe hands – someone who will not just identify, but neutralise and remediate security threats, day or night.
2. In-House Expertise – Across Technologies
Of course, you’d expect an MSSP to be an expert in what they do. But you cannot assume an MSSP will have capabilities in all areas. There is simply no substitute for knowledge and experience. MSSPs that employ the industry’s brightest minds across security monitoring, threat anomaly detection, perimeter security, mobile security, as well as network and cloud architecture, will be the ones that are best placed to assess and protect your digital assets.
The leading MSSPs will also have in-house researchers and industry-recognised specialists as part of their security operations team, with advanced expertise and capabilities in real-life situations – and employ the latest tools, technologies and threat intelligence to protect your organisation.
3. Virtual SOC and Virtual NOC
Something that really separates a top-tier MSSP from the competition is having the resources of a Network Operations Centre (NOC), as well as a Security Operations Centre (SOC).
While SOCs vary from a small room with a couple of monitors to state-of-the-art cyber incident centres, they’re all set up to detect, analyse and respond to cyber security incidents with a mix of people, processes and technologies. It is very true that better resources will lead to a better security outcome.
In addition to providing post-incident analysis to help reduce downtime and revenue loss, if the MSSP you’re selecting also has a NOC, then you’re also significantly improving the integration, understanding and capabilities of your security partner.
A 24×7 NOC provides additional capabilities to call upon, whether consultancy advice or outsourced services – always with security central to the conversation. It is peace of mind that a fully-trained expert will always watch your network – whether assisting to patch critical security updates, or advising on the security considerations for your mobile workforce.
4. Technology Implementation
Not all security technologies are equal. It is a constant challenge and investment (in £ and resource) for any organisation to research, procure and deploy the best security technologies.
The advantage for an MSSP is that they have an efficiency of scale, as well as a dedicated focus to implement and integrate the best and newest security technologies with well-honed systems and processes.
Cyber criminals will always show ingenuity and agility, altering their attack tactics to exploit new vulnerabilities. So it’s important that the MSSP you consider has a highly tuned and proven mix of both established and new security technologies.
Today, security has moved beyond AV and firewall. At the heart of any SOC will sit a SIEM (Security Incident & Event Management) platform. With a SIEM, the more data you can filter and analyse, the greater intelligence and visibility your security monitoring operations can obtain.
5. Customer Focus
What has customer focus got to do with security? An effective cyber defence strategy should not lose sight of your overall business objectives.
More than a defence strategy, a secure IT infrastructure will help you achieve your ambitious business goals, whether acquiring and integrating new business units, rolling out new mobile apps, or building an online customer portal.
A top-tier MSSP should be highly qualified in every area of security, but should also understand the unique needs of your organisation, your customers, business goals and outcomes along with any concerns you have.
So, a top-tier MSSP should offer flexibility in customising any solution, rather than a ‘one-size-fits-all’ approach – always with your overall business goals in mind.