FEATURE
Regulations: By outsourcing security, CISOs may be addressing certain regulations while moving away from others. For instance, a regulation may require 24x7 environment monitoring so, by engaging a 24x7 security monitoring service, this would be addressed. Another regulation may restrict the organisation’s ability to push data outside the country, which might be violated by the security monitoring service. CISOs therefore need to ensure that they have reviewed applicable restrictions and engaged with a provider that addresses them.
Rapid response: The unfortunate reality today is that no system can be 100% secure and security breaches are inevitable. Hence incident response with ‘boots on the ground’ is a must. CISOs must consider the MSSP’s incident response SLAs to understand how soon (hours/days) they can assign resources and ensure availability of experts.
Permissions and accountability: To successfully deliver security services, MSSPs will almost definitely need to log in to the client’s environment remotely. CISOs must therefore consider what kind of visibility they can expect their MSSP to require and whether they can provide records of their access. Also, CISOs must have a clear picture of what their MSSP’s resources are doing and when.
KPIs: As an MSSP is an external provider, CISOs need to have a well-defined method of monitoring the quality and effectiveness of their services. This means ensuring the MSSP can provide KPIs, incident reports, weekly/monthly reports and customer portals that match business requirements.
Consistency: All humans are different and so too are the security analysts delivering the service. But a varied service experience is not a desirable characteristic in managed services. CISOs must therefore understand what measures/technology their MSSP has in place to ensure all security incidents are handled with quality and consistency.
Technology integrations: Businesses get better results when things work together. CISOs must determine how their MSS partner enables technologies to talk to each other to share intelligence and enable orchestrated actions.
HARISH CHIB, VICE PRESIDENT, MIDDLE EAST AND AFRICA AT SOPHOS
The role of an MSSP has become more ingrained and pivotal to many SMBs, where the MSSP can sometimes even rise to the level of a virtual CIO for some clients. The word ‘virtual’ is the key when discussing next-gen MSPs. On-site visits and standard set business hours are no longer enough – organisations need and expect their MSSP support to be available on-demand, 24–7.
Organisations should choose an MSSP that matches their growing need of security and business. They should choose an MSSP which is adapting itself according to the changing needs.
Choose an MSSP:
• Which can act as a virtual CIO
A good MSSP will be able to provide both the high-level and user-level guidance for your needs, acting as a resource for the answers, software, hardware and more.
• Which is always available
Organisations are no longer tied to one machine, one server or one location and their corresponding IT security needs have increased accordingly. MSSPs should meet these needs by being constantly available, wherever and whenever – through a SaaS-based management console. They should have the right tools which give you the flexibility that matches your mobile needs.
• Which is a proven security provider
A proven security provider ensures his tools provide top of the line security and protection. You are able to offer secure, uninterrupted service to your stakeholders because you’ve got them covered against outside threats. The MSSP should be working with the right vendors who can provide next-generation security that can combat known and unknown threats. An MSSP can be the first and last line of defence against cyberthreats.
RAJPREET KAUR, SENIOR RESEARCH ANALYST AT GARTNER
• Clearly list the security services requirements you have
• Outline them into deliverables
• Analyse the capabilities of your in-house team
• Decide the type of model you are looking for to utilise the MSSP – an outsourced model or a hybrid model (which will also involve your team)
• Design a clear scope of work
• Discuss the type of MSS partner suitable for you, as discussed before – an evolving mid-sized player, an international player or established local player
• If you are open to all the above, get responses from one player from each category
• Once you’ve checked the deliverables and pricing, make a final call on selecting the best provider for you
Issue 06 | www.intelligentciso.com