As cyber attacks grow in sophistication, more businesses are using Security Operation Centres (SOCs) and relying on Managed Security Service Providers (MSSPs) to help keep them secure, informed and in control. In December 2016, a McAfee Labs Threat Report identified that "almost nine out of 10 organisations have an internal or external SOC and 64% use MSSPs".
It goes without saying that employing a MSSP should make managing your cyber security easier. They work with you, not against you. They add value by providing specialist services and skills which are high in demand, but low in supply.
But that's not always the case. Are you confident your MSSP is adding value? Ask yourself the following five questions.
1. Do you have confidence in your security partner?
Are you secure? Can you be confident your IT estate hasn’t been compromised? If you don't know, your MSSP has already fallen at the first hurdle. In the event of a security breach, average dwell times before detection are in excess of 100 days. During this time, cyber criminals could be monitoring your IT estate, extracting sensitive data, infecting systems, or biding their time to create the biggest impact and reap the greatest reward.
Your MSSP should have a proactive mentality, assuming compromise and actively hunting for signs of infection. Therefore if a breach occurs, dwell time is only a matter of days or minutes, and remediation is swift to mitigate any damage done. This gives you confidence that your MSSP is attentive, keeping you secure and adding value.
2. Are you kept informed?
It might seem like a basic requirement, but does your MSSP keep you informed and up-to-date? If you have suffered a security incident, have you been told the implications, how it happened and how to prevent it from reoccurring? Understanding the risk and specific details of compromises is critical. You need clear answers, not just alerts.
DIY cyber security software can provide alerts, but your security partner should provide timely intelligence and expertise. With today's ever-evolving threat landscape, if intelligence is not the most up-to-date available, that makes you vulnerable. Make sure you get answers, or switch providers.
3. Are you in control?
MSSPs work with you to help manage your cyber security, and often take full control. However, handing over access can be a security flaw in itself, so make sure you have complete transparency. Set clear boundaries of what can be accessed freely and what requires authorisation.
If you question your MSSP’s judgement and they don’t provide a clear cut answer or allow further inspection, then how can you be sure what they are doing? Is it actually adding value?
4. Do they make your job easier?
A reputable MSSP will work aligned to your business goals. You have chosen them to provide a service which will free up your time, make your job easier and give you confidence that your business is secure. If you don’t have this peace of mind, or find you’re spending more time and resource on security tasks, then they aren’t adding the value they claim to be adding.
It is often the case that companies are paying significant amounts for services they aren’t using. It’s important to justify your IT security protection and measure return on investment (ROI). Always refer to your goals and if your MSSP isn’t aiding success or demonstrating true value for money, then is your budget really being spent wisely?
5. Are they discreet?
If your MSSP wants to shout about working with you, they are being counterproductive. Raising the profile of your defence solution can increase attractiveness – where’s the value in that?
Identify value, trust your partner
If you aren’t confident in your MSSP, take the first step towards working with a reputable partner who will add value. CORVID understands the importance of cyber security, and works in a reliable and discreet manner. The experienced team at CORVID will work with you to make sure you are secure, in control and have all the answers you need.
Need to switch?
Switching to CORVID is easy. The process is simple and there is no system downtime or disruption to users.
Still not sure? Read more about the benefits of switching to CORVID.
Cyber attackers are quietly appreciative of businesses across all sectors for making their job easier. With all the information they need to craft their attack laid out neatly in ...
Aside from the usual “strict diet and fitness regime starts on 1 January” resolution that everyone makes and forgets by February, now is the perfect time to take stock of your ...
Disruptive ransomware attacks on manufacturing businesses regularly make headlines. You’ve seen the stories – multinational manufacturing companies are locked out of their IT systems, ...