The use of Managed Security Service Providers (MSSP) in the last few years has become accepted by larger organisations as a solution to improving the efficacy of their cyber security defenses. The key drivers for this outsourcing remain the continued shortage of skilled cyber security professionals and the increasing complexity of modern cyber attack methodology. As often the way in a crowded and competitive cyber security market, the term ‘MSSP’ is being adopted by an increasingly large number of UK service providers. Given the strategic importance of cyber security, how can organisations identify and select a suitable MSSP that fully meets its needs?
The definition of an MSSP is neatly defined by Gartner as:
‘A managed security service provider (MSSP) provides outsourced monitoring and management of security devices and systems. Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services. MSSPs use high-availability security operation centres (either from their own facilities or from other data centre providers) to provide 24/7 services designed to reduce the number of operational security personnel an enterprise needs to hire, train and retain to maintain an acceptable security posture.’
The benefits of using an MSSP include the following:
- – Significant cost advantage with a reduction in manpower and spend on technology
- – Immediate service delivery independent of delays in recruitment and training
- – Continuous monitoring of cyber security status on 24-hour x 7-day basis
- – Use of advanced technology particularly early threat detection and remediation
- – Access to knowledge of global threats and attack methodologies
- – Regular security health checks with automated and manual testing
- – Clear and concise management reports
Now available for smaller organisations
MSSP services have until recently been relatively expensive and only afforded by the larger enterprise. The ability of an MSSP to deliver its services will usually rely on its partnership with specialist security application vendors such as Alien Vault, Carbon Black and Cybereason. Many of these vendors are now using multi-tenanted, web services to enable rapid deployment and significantly reduce costs. The net result is that a few MSSP’s are now able to offer service packages with ‘subscription style’ prices as low as £30/user/month on an annual basis.
How do you select a Managed Security Service Provider?
All MSSP partners must offer the knowledge and technical solutions to identify vulnerabilities in your organisation before cyber criminals do. They must also detect threats that evade your defences before they have an impact. These services should rely on event and behavioural analysis that is underpinned by global threat information intelligence used to cross-check and correlate with the latest known attack methodologies.
Your MSSP must have the resources to protect your organisation by implementing the appropriate security controls. These should also include controls that manage the ‘insider-risk’ posed by any member of your own staff.
Ideally, you should also look for a service which provides a monitoring infrastructure that supports service logging and regular reports. A good MSSP will provide a Web interface with live data that can be shared by their engineers and your IT managers at any time.
Last but definitely not least; in the event of an attack, you will need immediate and managed remedial action to eliminate or reduce the impact of potential data loss, theft or loss of reputation.
Wizard Cyber is a Managed Security Service Provider (MSSP) and we are known for our flagship range of CYBERSHIELD MDR services. Functioning as your 24/7 cyber security operations centre, CYBERSHIELD MDR helps mitigate risk by continually monitoring critical IT infrastructure, endpoint and user activity. Suspicious threats are detected using advanced behavioural analytics and immediate remediation action is taken as required.