decrypting myths
More importantly, an MSSP’s ability to
readily bring many different and skilled
resources to the table in times of need is
a significant advantage for small teams.
MSSP services vary widely between
providers and may include monitoring
and alerting, device or policy
management, incident response,
threat hunting and more. Service level
agreement (SLA) options may vary as
well between providers.
For instance, here at Foresite we
provide monitored, co-managed and
fully-managed service models where we
can either act as an extension of our
customer’s IT department or we can fully
own the function depending on the goals
of the relationship.
Cybersecurity compliance frameworks
vary by region and industry, but
fundamentally they all necessitate, more or
less, many of the same requirements,
including those around monitoring
corporate infrastructure, storage of logs,
and incident and event handling. With this
mandate, companies must decide if they
want to fulfil these needs internally or
outsource some or all of the functions to
an MSSP.
The cost benefit of outsourcing to
an MSSP versus a DIY model is usually
significant, with many businesses saving
upwards of 50% by the time they take
into consideration software licensing,
staffing, storage and facility costs.
Pricing models also vary among MSSPs
with some providers charging based on
throughput, per device, or some even on
staff augmentation in conjunction with
SIEM solutions.
At Foresite, we don’t provide staff
augmentation and we only deliver
services via our proprietary ProVision
platform; however, we can and do provide
both throughput and device-based pricing
depending on the circumstances.
We have found that most customers
prefer device pricing as it provides CIOs
and CISOs with an easy and quantifiable
way to allocate budget to security
operations as a service.
MSSPs provide elevated vigilance around the clock because threats don’t take nights, weekends and holidays off.
Once companies have decided to
partner with an MSSP, choosing the right
MSSP to partner with will make or break
the success of the initiative. We have
compiled a short checklist of areas to
consider while evaluating your options to
avoid common pitfalls:
1. Gain an understanding of what software underpins the MSSP solution
Everyone wants to be in the MSSP
business; however, MSSP platforms are
not commercially available for purchase.
Instead, many MSSPs are resigned
to piecing together several off-the-shelf
solutions – many of which are not
intended or designed for a multi-tenant
MSP environment. This could lead to
scalability issues, limited customisation
ability that is identified only after inception, and high
licensing costs passed on to you.
2. Thoroughly evaluate the MSSP’s portal
Most, but not all, MSSPs provide a
customer portal. A large portion of
your customer experience will derive
from the capabilities contained herein.
For example: is it intuitive, easy to use
and navigable? Can you get the right
reporting for your business? Can you
drill into raw log data on demand or
does your MSSP need to package it up
and send it to you?
3. Evaluate references and experience
Let’s face it, talk is cheap and
experience counts. Take the time to
speak to real customers to understand
the value and relationship your MSSP
provides their customers.
4. How seriously does the MSSP take their own security?
An MSSP will have access to sensitive
areas of your network and should
be managed as a critical vendor
Issue 12 | www.intelligentciso.com