Managed Threat Detection and Response: A Guide to Finding a Trusted Security Partner

Posted on May 28, 2019

With security tasks and responsibilities expanding indefinitely, enterprises large and small often lack the internal resources to do security right. The good news is that managed security service partners (MSSPs) are standing up to the task, eager to help. The bad news is that deeper evaluations are needed today. After all, enterprises are hiring MSSPs to fight cyber attacks for them, asking partners to act on identified threats in place of their internal personnel. In the age of outsourced cyber-crime fighters, trust is essential and comprehensive assessments are required to pinpoint the most trustworthy “security ninjas.” Here are the key requirements to look for in managed detection and response services and the single most important factor every executive should use to evaluate prospective partners.

Managed Detection and Response Services: Key Criteria

Internal network activity, endpoints, and remote users must all be continuously monitored for a potential security compromise. This leaves massive amounts of information for enterprise security teams to decipher and little (or even no) time to actually react to the identified threats. Response is the last yet most important step!

In these cases, managed detection and response services are helpful. These services take traditional managed security monitoring services one step further, actually acting on behalf of the customer (the in-house IT team) to mitigate the threats. When shopping for these extended services, you’ll want a team that will act as a natural extension of your internal team. Look for a provider that is willing to design a program and process around your existing security operations.

Key Criteria Include:

Managed Detection and Response: Must-Have Tools & Services

Network Visibility Tools and Analytics

When every minute an attacker has inside your network means more potential to do harm, responsiveness is critical. To make the fastest, most accurate threat evaluation, security analysts need historical network activity as well as real-time information. This is why complete network visibility can reduce the amount of time it takes your partner to assess threats and react. Advanced visibility tools mean faster service across all stages: threat awareness, examination, identification, confirmation, and response.

Network Visibility Technology Requirements:

Flexible Capabilities Addressing SD-WAN, Cloud, and On-Premise Environments

When your IT infrastructure spans the gamut of on-premise, cloud, and hybrid environments, including SD-WAN, your partner’s security capabilities should be able to cover that entire IT landscape. A full stack of technology options and services is needed to protect all types of assets on a global scale. To ensure each IT environment, application, location, user, and device is securely monitored and managed, look for a partner that caters to today’s multi-cloud, digitally transforming enterprise.

Key Tools and Services Include:

Solution design flexibility can also make a big difference. The most agile solutions allow you to select and use the technologies that fill your specific security gaps, turning off and on the tools you need. With a customizable set of offerings that easily integrate into your IT environment, you should be able to continually add or subtract services as you evolve with more cloud applications, end-users, and connected devices.

Finding a Trusted Partner: The Single Most Important Factor

The world is abuzz with artificial intelligence, machine learning, and behavioral analytics that get closer to simulating human decision making. While modern technologies add immense value to defense mechanisms, these advances shouldn’t overshadow the continued importance of human talent. Still considered 50% of the success equation, experienced security professionals remain the single most valuable element in strengthening any enterprise security posture. As such, the human factor should be a mainstay in your decision-making criteria.

Talent Factors Include:

Masergy earns the trust of IT decision-makers with Net Promoter Scores of 70+ and a portfolio of managed services spanning security, SD-WAN, and cloud communications. When you’re ready to talk about managed detection and response for your organization, invite us to the conversation. Contact us today for a free consultation.

Trevor Parks

Trevor Parks is the director for security solutions at Masergy. He is responsible for guiding the development, evolution and implementation of Masergy's Unified Enterprise Security services platform. Trevor contributed to the development of the patented Network Behavioral Analysis technology at the core of Masergy’s security solutions aimed at detecting APTs and other advanced threats affecting customer networks.
