The reasons for outsourcing your security to a Managed Security Service Provider (MSSP) can be many – starting from improving the quality of protection, through lack of security talent and restricted IT budgets. The explosion in security technologies and products is also not making the life of security and IT managers easier, as they struggle to identify the matching products within the maze of available solutions.
Shifting the responsibility to an MSSP with security expertise can greatly reduce the complexity of having to keep up with sophisticated threats that change rapidly.
Yet, placing your company’s security in the hands of a third-party provider might not be an easy decision, not only because of the psychological aspect, but the abundance of MSSPs offering their services. Finding the right MSSP is as important as finding the right staff for your company.
This post will highlight the value of using MSSPs services and help you focus on some of the most important considerations when evaluating and hiring a managed security service provider.
The Obvious Added Value
Partnering with an MSSP offers several benefits, including:
- Expertize. Top MSSPs can provide improved threat intelligence with highly specialized skills, helping you bridge the cyber security knowledge shortage.
- Relieving the workload burden. Handing over security tasks to an MSSP can help you remove the pressure from your internal IT/Security teams and free them up to focus on core operations.
- Up-to-date cyber security technology. Security threats’ technology are constantly evolving. The right MSSP can offer comprehensive technology and demonstrate it continually replaces new technology with even newer technology, to address the latest threats.
- Round-the-clock support. Top MSSPs can offer better security coverage with an established 24x7x365 security operation center (SOC) .
- Costs savings. Partnering with an MSSP reduces maintenance costs related to hardware/software upgrades as well as staff training.
- Migrating to SECaaS (Security as a Service) – Many MSSP’s services can be provided as cloud-based services, saving the need to invest in equipment purchasing and transferring the cost structure into pure Opex model
Defining Your Needs
This may be obvious, but the first step, prior to evaluating vendors, is articulating your goals:
Codify your requirements. You should be able to articulate the security processes (s) you want to solve and what is it exactly that you’re trying to secure. For example, do you need your MSSPs to simply watch alerts during off hours when your own staff is not available? Do you need advanced DDoS skills or experience that your team does not have? While you’re not the expert, you definitely don’t want to give the impression that you don’t know what you need.
Relationship ownership. Outsourcing security still requires a commitment. Decide on an internal member of your team that will own and manage the ongoing relationship with the MSSP. Even though you’ll be outsourcing the work, you still need to invest forethought and planning in advance for the engagement to be successful. It is easy to hire an MSSP and forget about it. Instead, you should understand the boundaries of the relationship – what exactly will the MSSP be responsible for, and what are your responsibilities?
What to Look for beyond Technology
As mentioned by the 2112 group, managing security requires more than technology and involves people, policy, process and product. Your evaluation, therefore, should include MSSPs that can demonstrate that they have the know-how and capabilities in all four of these areas.
People and skills are one of the most critical areas, which are often ignored. Today’s cybersecurity market has a serious talent shortage. It is estimated that as many as 1 million cybersecurity openings worldwide are going unfilled. The lack of expertise is, in fact, one of the key drivers for moving your security operations to an MSSPs. Make sure you qualify the MSSP engineers and staff behind the company managers and sales team.
- Are they subject matter experts for the solutions and services being provided?
- How many security analysts or engineers they have dedicated to their managed security clients.
- What certifications do they hold and are they required to maintain a certain level of certification?
- Can you get recommendations from existing customers? Make sure to get references!
Policy and process. Ask for full transparency and inquire about the policy and processes used by the MSSP to effectively investigate/manage incidents and mitigate attacks. Review any written policies, standards and procedures used by the vendor. Make sure that all requirements and responsibilities will be defined in a service level agreement, with important metrics specified, such as time-to-mitigate and to resolve issues.
Product. No two customers have the same requirements or network infrastructure. Make sure the solution/product offered by the MSSP takes into account the nuances of your business, as well as any existing security infrastructure already in place. The MSSP you work with should be able to customize the solution to protects your assets while aligning with your business goals.
By now it’s quite easy to conclude that outsourcing parts of your security to an MSSP delivers multiple benefits. You’ll quickly gain access to technology and expertise that would otherwise be difficult to reach or afford; you’ll eliminate the high costs involved in purchasing, implementing and maintaining hardware and software; you’ll avoid the long and tedious process of finding qualified security personnel who are in short supply; and above all – you’ll gain around-the-clock security coverage that enables fast response to security incidents without disrupting network performance and availability.
Still, you should find an MSSP partner that matches your needs and has the right level of expertise, security capabilities, responsiveness and customer support. Make sure, therefore, to use a methodical process and apply due diligence at the evaluation and hiring stage. Overall it should be worth it!
Jacob is the Sales Director at SecurityDAM, with 15 years of experience in sales management.
He is responsible for building a loyal, motivated and self-sufficient ecosystem of partners to increase CSecurityDAM’s market reach, with the strategic goal of creating new opportunities for both the company and our business partners. Jacob holds a B.Sc degree in Electronic Engineering and M.Sc degree in Computer Science from the Polytechnic University, New-York, N.Y.