Last week, Delta Risk hosted a webinar on the topic of “Forecasting the Future of Managed Security: Why You Need a Modern MSSP.” Delta Risk Solutions Expert Stephanie Ewing was the moderator for this presentation, and Vice President of Managed Security John Hawley was the presenter for this live broadcast (view the on-demand version). In today’s blog we take a brief look at the survey results and some of the questions posed by our audience.
One of the topics discussed in the webinar was how organizations value managed security services providers (MSSPs), and what their key business drivers are for choosing an MSSP. In response to the first poll question, “Are you currently using an MSSP to help manage security?” an equal 37 percent of respondents said they have an MSSP, while 37 percent said they don’t. Meanwhile, 16 percent either weren’t sure or have another solution.
Answering the second poll question, “What criteria are most important for selecting an MSSP?” more than half the audience (54 percent) indicated they were looking for a provider that offers both managed services and security consulting services, 27 percent wanted simple pricing and packaging, and 19 percent wanted transparency of activities.
Here’s a recap of questions from the webinar audience and some additional insights from our presenters.
Stephanie: What does it mean to be a cloud-ready MSSP, and what are your recommendations for choosing one?
John: You have to think about whether the provider is set up to manage and collect all levels of cloud activity and to help customers understand the threats and configurations within those cloud environments. Can they help you figure out what’s going on with effective reporting, and perhaps even more important, are they experienced at conducting assessments to help with proactive protection? They should also have incident response experience to support investigations and triage in cloud environments.
Stephanie: Is Managed Detection and Response (MDR) just marketing hype?
John: It’s definitely more than hype. For the modern MSSP, MDR should already be baked into the services they’re offering. An MSSP’s ability to offer this supportive technology is important. At times, organizations will pull in separate MDR capabilities, but a leading MSSP should be able to deliver the complete solution set.
Stephanie: Would you say Endpoint Detection & Response (EDR) is part of MDR, which is all part of MSSP? How would you map them all out?
John: Any time you see new technology enter the market, it tends to be a standalone piece. Organizations are trying to figure out how to consume it and build it into existing models. That’s what we’re seeing with EDR and MDR, as it grows and becomes more mature, it becomes part of a superset of a modern MSSP.
Stephanie: What are the most important criteria to look for in a “complete” MSSP?
John: Customers need people help, they need process help, and they need technology help. To better provide those capabilities, MSSPs need to be collaborative, they need to be co-managed to gain insights, they need to have a cloud-ready approach to help organizations move to these environments, and a “complete” provider to set up an end-to-end partnership. Whether you’re looking to change your MSSP or embarking on a search for the first time, beyond the basic RFP considerations, this the type of model you should look for when making a decision.
Stephanie: One of the pain points I’ve seen in my experiences as a consultant is the amount of time an MSSP spends during the onboarding phase. Sometimes they can take too long, leading to dissatisfied customers. How quickly should an MSSP get you up and running?
John: The time required for onboarding may vary due to the size and complexity of the client’s environment, but the MSSP needs to be ready to engage. The MSSP should be an extension of your overarching security team from the beginning. The roles and responsibilities should be well-defined up front. They should be part of the implementation and initial engagement process to not only make sure everything is running properly, but to also make sure everyone is satisfied. Ideally the MSSP should utilize project management methodology to help drive the implementation plan, track the completion of critical tasks, and ensure things stay on schedule.
If you missed the webinar, you can tune in to the on-demand version now. You can also download our guide, “Top 10 Tips for Selecting an MSSP,” to learn more about the questions you should ask prospective MSSPs.