The world of managed security services is changing rapidly, expanding with Managed Detection and Response (MDR) services. According to Gartner’s 2018 Market Guide for Managed Detection and Response Services, 15 percent of organizations will be using MDR services by 2020, up from less than 5 percent today. This new turnkey approach is designed to accelerate threat discovery and response time, but what is MDR? How is it different from traditional services provided by MSSPs, and how do you know if you need it? Let’s take a look.
While most enterprises are familiar with MSSPs, many professionals are still familiarizing themselves with MDR. Reaching beyond traditional security services (including technology management and threat monitoring), MDR adds advanced threat detection, threat intelligence capabilities and incident response. I have heard analysts simplify it as the difference between ordinary monitoring services that simply hand the customer a list of prioritized alerts with suggested action items and an extended service where the MSSP is actually taking an active role inside the customer’s environment.
The key element here is response.
With a team of outside experts “fighting battles” on your behalf, the upside is clear. When existing internal IT resources can’t monitor threats in real-time and lack the responsiveness needed to act on those risks, MDR is the solution.
Using a combination of technology and human resources, MDR services focus on advanced threat detection and mitigation. MDR partners look for attackers that have infiltrated the perimeter of the IT environment–cloud or on-premise. It’s an all-encompassing solution that typically includes:
Filtering security noise to identify what’s real, what’s important, and what’s the most dangerous, MDR partners leverage best practices in response and work collaboratively with the customer to build shared playbooks that enable continuous improvement.
MDR can take enterprises from overwhelmed to empowered with:
While an improved security posture might be enough to sway your investment, another benefit surfaces when you consider the cybersecurity skills shortage and cost of employee churn. Building in-house security teams presents serious challenges. According to a 2018 Ponemon Institute study, 57% of companies are unable to hire the appropriate staff to deal with cyber attacks.
MDR is particularly helpful for IT leaders who:
How much should you spend on security and what are three primary criteria for evaluating MDR partners? Get the answers in this MSSP Survival Guide.
The continually overtasked IT team is one of the key reasons MDR is a ballooning industry. With the rapid expansion of endpoint visibility and control alongside the rising adoption of cloud apps and services, many enterprises have failed to support technologies from a personnel and skill set perspective. IT leaders recognize the need for the extra coverage but struggle to deliver support on a 24/7, real-time basis. Therefore, investments go underutilized and systems go inadequately secured. As these dynamics collide with recent rises in cybersecurity and ransomware attacks, the stage is set for MDR. Enterprises are asking for more help with security tasks, and MSSPs are more than willing to step up to the job.
When you’re ready to customize an MDR solution for your enterprise, call on the security experts at Masergy.
Like this article? Download the eGuide here.
What pivots do IT executives need to succeed in the new COVID-19 reality? ZK Research and Masergy lead a discussion on lessons learned.
SD-WAN is giving way for terms like SD-Branch. Understand the benefits and how SD-Branch is addressing security challenges at the network edge.
Here’s a guide to understanding the value of user identity analytics and why these details are increasingly important for security today and network automation tomorrow.