2022/07/13 Update: We have updated this post to reflect the most relevant and recent questions, resources, and context for your managed security provider.
As business leaders, we are hardwired to reflect on every purchase. The benefit of reflection is that it allows the opportunity to sort through observations, augment what works, and consider alternatives for what does not. This strategic pause is encouraged to screen for quality, refine your search, ensure that what is being sold is aligned with your needs, and cinch the decision-making process.
You could ask yourself these questions:
Have the offerings and outcomes of my managed security service provider (MSSP) added business value?
What features vital to my business needs are missing?
What service updates need to be made?
Use your answers as a guide in subsequent conversations with your cybersecurity vendor. The point is to always have an accurate picture of the performance outcomes of your Managed Security Service Providers (MSSPs) .
Our query bank is filled with questions from prospective customers about ActZero’s MDR solution. In this post we will answer your burning questions by highlighting five assessment criteria in the form of question-and-answer scenarios. Our goal is to help you better identify product/service value, ascertain the specific outcomes to expect upon delivery, and communicate an accurate report to your management team.
1) What happens if I get hacked?
The purpose of this question is to examine your existing contingencies and the answer is likely to uncover areas for improvement. If a breach occurs, do you have the appropriate security measures in place to contain the threat? If your answer is no, the primary goal should then be to bridge the disclosed gaps for improved recovery time to get you back to business pronto.
Another way to look at this is…
When a data breach occurs, what you need to do and fast is fight back! But to do this and successfully, you must strengthen your security posture with awareness and a mindset of continuous improvement. Your state of preparedness is determined by how much you know about your security landscape, including the key capabilities offered by your Managed Security Service Provider (MSSP), or Managed Detection and Response (MDR) solution. Also vital is your knowledge of internal responsibilities, i.e., what is your security team responsible for, vs. the security providers?
To learn more on how to choose what is best for your business needs, download our information-packed eBook, MDR or MSSP for Cybersecurity.
2) What does my MSSP do after I receive an alert?
At this critical point, you start to see the benefit of having an in-depth discussion with your security provider.
Are you getting a full-service solution with in-built 24/7 monitoring? Does the service extend to proactive identification of emerging threats, blocking the threat, and a swift remediation of systems damaged by hackers? Who is liable for response, patching, and investigation? Now imagine it was 4a.m. on Superbowl Sunday. With this curve ball, how confident are you in the efficacy of your MSSP?
Your answers to these questions have implications, not only for your value assessment (i.e., efficiency, time to value, reduction of risk, etc.), but your incident response plan also.
An effective response to a cybersecurity incident of any kind, data breach or ransomware, hinges on clarifying and communicating the team’s responsibility and that of your security provider. The proper division of labor yields a well-oiled machine that repels threat actors.
Everyone is susceptible to a breach. Why not see how your existing security solution stacks up. For a more direct comparison schedule a complimentary Ransomware Readiness Assessment today!
3) How do I show improvements in cybersecurity maturity to management?
As the saying goes, the proof is in the pudding.
The best way to show security maturity i.e., growth and evolution is to perform ongoing evaluations of the core capabilities of your cybersecurity services. These tests will determine your security needs and the required enhancements.
Remember that this is a continuous process, and so it helps to implement an iterative framework that allows for cross-functional documentation and fosters the accurate reporting of performance improvements.
An added benefit is having documented evidence to communicate lessons learned and promote knowledge transfer.
4) What data sources do MSSPs use to protect my organization?
Protecting your organization from cyberattacks is a challenge, and one that requires upscaling comprehensive research efforts to stay on top of emerging threats. To remain relevant and maintain effectiveness, MSSPs should use data sources that are wide-ranging, and do so continuously. The wealth of information acquired from this process can then be factored into your analytics and ensure that your security technology is up to date. This way you achieve the desired trifecta of vigilance, security, and cyber resilience.
In your search, look for protection based on Endpoint Detection and Response (EDR), network coverage, threat intelligence feeds, AI-based decision-making, and human-based threat hunting. This will help you understand the different offerings amongst providers so you can make an informed decision.
5) Do MSSPs offer advisory services?
Your environment is being monitored and that’s great. But are you aware of what is included in your security solution package?
For example, are you able to call your service agent on the go if you need specific information? Does your provider help with the Center for Internet Security (CIS) top 20 security controls, obtaining the Cybersecurity Maturity Model Certification 2.0, and upholding NIST 800-171 compliance?
Providers design security bundles differently, and often have a tiered system. So, be sure to confirm what advisory services are included in different packages so that your cybersecurity services are appropriately suited for your business security needs.
We wrote these questions to help in your search for cybersecurity vendors, specifically MDR providers, MSSPs offering managed SIEM, EDR, Firewall and a host of other internally managed solutions. We have gone a step further and designed an asset that is sure to aid your decision-making process. Download our goldmine cybersecurity vendor evaluation package for instant access.
Now that you are equipped with the right questions, why not reinforce them with the right tools? Download our free eBook MDR or MSSP for Cybersecurity for quick access to expert knowledge that will help you determine which is best suited for your organization.