As cyber attacks grow in sophistication, more businesses are using Security Operation Centres (SOCs) and relying on Managed Security Service Providers (MSSPs) to help keep them secure, informed and in control. A McAfee Labs Threat Report, December 2016, identified; ‘almost nine out of 10 organisations have an internal or external SOC and 64% use MSSPs’.
Employing a MSSP should make managing your cyber security easier. They work with you, not against. They add value by providing specialist services and skills which are high in demand, but low in supply.
Are you confident your MSSP is adding value? Ask yourself the following five questions.
1. Do you have confidence in your security partner?
Are you secure? Can you be confident your IT estate hasn’t been compromised? If you do not know, your MSSP has already fallen at the first hurdle. In the event of a security breach, average industry dwell times before detection are in excess of 100 days. During this time cyber criminals could be monitoring your IT estate, extracting sensitive data, infecting systems, or biding their time to create the biggest impact and in receipt, greatest reward.
Your MSSP should have a proactive mentality, assuming compromise and actively hunting for infection. Therefore if a breach occurs, dwell time is a matter of days and remediation is swift to mitigate any damage done. Thus giving confidence that your MSSP is attentive, keeping you secure and so adding value.
2. Are you kept informed?
It might be evident but does your MSSP keep you informed and up-to-date? If you have suffered a security incident, have you been told the implications, how it happened and how to prevent it from reoccurring? Understanding the risk and specific details of compromises is critical. You should get answers, not just alerts.
DIY cyber security software can provide alerts; your security partner should provide timely intelligence and expertise. Also with the evolving threat landscape, if intelligence is not in date, that makes you vulnerable. So make sure you get answers or switch providers.
3. Are you in control?
MSSPs work with you to help manage cyber security and often take full control. However, handing over access can be a security flaw in itself. So you should have complete transparency. Introduce preliminaries of what can be accessed and what requires authorisation.
If you question your MSSP’s judgement and they don’t provide a clear cut answer or allow inspection, then what are they doing… is it adding value?
4. Do they make your job easier?
A reputable MSSP will work aligned to your business goals. You have chosen them to provide a service which will free up your time, make your job easier and give you confidence that your business is secure. If you don’t have this peace of mind, or find you’re spending more time and resource on security tasks, then they aren’t adding value.
It is often the case that companies are paying significant amounts for services they aren’t using. It’s important to justify your IT security protection and measure Return On Investment (ROI). Always refer to your goals and if your MSSP isn’t aiding success or demonstrating true value for money, then is your budget being spent wisely?
5. Are they discreet?
If your MSSP wants to shout about working with you, then they are being counterproductive. Raising the profile of your defence solution can increase attractiveness; so where’s the value in that?
Identify value, trust your partner
If you aren’t confident in your MSSP, then take the first step to work with a reputable partner who will add value. CORVID understands the importance of cyber security, is reliable and discreet. The experienced team at CORVID will work with you to make sure you are secure, in control and have the answers.
Need to switch?
Switching to CORVID as your MSSP is easy. The process is simple and there is no system downtime or user disruption.
CORVID provides a complimentary compromise assessment to those who are looking to switch so get in touch to make sure you get the value and protection you deserve.
Still not sure, find out more why you should switch to CORVID here.