April 22, 2020 By Douglas Bonderud 4 min read

The constantly changing threat landscape makes a robust security program a moving target. But defenders aren’t standing still — from advanced artificial intelligence (AI) to real-time threat detection and adaptive risk protection, cybersecurity services are evolving to offer IT teams the breadth of knowledge and depth of functionality they need to rally against emerging risks.

The challenge lies in recognizing and reducing complexity. As the volume and value of information security initiatives expand, it’s easy for teams to lose focus on fundamentals and get caught out of position. Managed security services provider (MSSP) frameworks offer a potential solution — but only when they are used effectively. Understanding the basic benefits of managed security, its key strengths and when to call on those strengths can help you organize your managed security tool timelines.

Learn more

Best of Breed — Building a Better Roster

The idea behind MSSPs is simple: They empower enterprises to offload some (or all) of their cybersecurity management and monitoring needs. Think of this as the natural evolution of familiar security software, bolstered by mobile devices, cloud connections and on-demand analysis.

In effect, a managed security services provider lets you build out infosec rosters without the need for intensive and in-depth industry talent scouting, while the component characteristics of MSSPs make it possible to leverage key operational benefits, such as:

  • Incident response (IR) assessment: While many companies now have incident response plans, research from the Ponemon Institute found that 77 percent of organizations haven’t “applied [them] consistently across the enterprise.” Part of the problem stems from design and deployment — legacy systems and tools can make key functions frustrating, and standing departmental and geographical siloing may also contribute to this concern. MSSPs can help organizations assess current IR plans and develop new approaches that deliver on demand.
  • Outsourced expert assistance: With the cybersecurity skills gap growing, finding and recruiting great talent is now more difficult than ever. Managed cybersecurity services make it possible to leverage outside expertise without the work of posting positions, conducting interviews and onboarding new staff.
  • Best practice application: Security best practices are constantly evolving. From ITIL incident management frameworks to NIST guidelines and Zero Trust models, it’s common for IT teams to get bogged down in details, even as day-to-day operations shift out of line with key security considerations. MSSPs deliver best-of-breed solutions that ensure current practices align with industry expectations.
  • Budgetary assignment: As Tech Target notes, MSSPs can help manage and assign security budgets by reducing software and hardware spending. More importantly, MSSPs can help drive cost-effective cybersecurity by pairing immediate needs with specific services, rather than generalized tools.
  • Compliance administration: Compliance is now critical for enterprise IT. Under regulations like the GDPR, HIPAA and CCPA, secure data handling isn’t optional. Many managed providers are now certified to handle compliance requirements, which means they’ve put in the time and effort to develop policies, practices and procedures that meet evolving guidelines.

These benefits form the foundation of C-suite support. By articulating the line-of-business advantages offered by outsourced initiatives, IT teams can look to persuade hesitant executive stakeholders.

Identifying Specific MSSP Strengths

MSSPs aren’t always the ideal investment. Consider the example of internally generated health care data that requires maximum compliance under HIPAA regulations. While it’s possible to leverage MSSP options as a way to secure this information, the inherent complexity of granting third-party access or shifting key storage locations could increase overall risk. In this case on-site, situational security response may be the best choice.

Just as public clouds and bring-your-own-device (BYOD) networks offer line-of-business advantages when companies play to their strengths, MSSPs provide greater protective potential when companies cut through the noise to identify specific skill sets. While every provider takes their own approach to managed security at scale, some common areas of expertise include:

  • Risk identification and detection: Again, MSSPs can help organizations build out effective IR plans at scale, and they also deliver the specific services of risk identification and detection. Not only do advanced frameworks detect and stop threats, they are also capable of organizing and automating incident response.
  • Threat management: Security teams are taking back their infosec environments, but they can’t do it alone. The scope and scale of resources offered by top-tier MSSPs makes it possible for organizations to hunt down and eliminate threats before they infiltrate key systems.
  • Data security: Effective data security isn’t just about great encryption. It also requires consistent, continual monitoring of key data assets at rest and in transit. The depth of infosec resources offered by leading MSSPs makes it possible to track the scope of data security and can grant an enterprise peace of mind.
  • Cloud service deployment: With many organizations now leveraging a multicloud strategy to meet workload and performance demands, it’s easy for management requirements to outpace results. MSSPs offer the depth of expertise and technologies necessary to reduce multicloud complications.
  • Infosec education: Ninety-six percent of organizations agree that cybersecurity awareness training “was at least somewhat effective” in reducing infosec incidents, according to a survey conducted by the Canadian Internet Registration Authority. But deploying cross-enterprise education plans isn’t easy. MSSPs can help design and deliver training across silos and departments at scale.

It’s Go Time — Bringing in the Heavy Hitters

You’ve shown the C-suite why leveraging an MSSP makes sense, you’ve identified key use cases based on your specific needs, and you’ve found a best-of-breed provider that meets your budget and business model. Now it’s time to answer the greatest question of all: When?

When does it make the most sense to adopt managed security services provider solutions? Is it when your on-site security is stretched to its limit, or before security challenges occur?

Put simply, is adoption best served by immediate priorities or proactive assessments? Let’s break down each approach.

As Needed

This approach has the advantage of immediacy. You identify infosec needs and lean on MSSPs for exactly what you need. Cost management often drives the right-now response: Why spend more for services you might not need when enterprises can outsource security as specific needs arise?

The potential drawback is speed. Even as companies are identifying resource and staffing shortfalls and contacting providers, attackers are on the move. By the time new solutions and services are up and running, immediate needs may have evolved into rapidly expanding infosec issues. Security is a moving target, and right-now rollouts may miss the mark.

Proactive Planning

Discussions about proactive MSSP measures can bring up concerns around overspending, as partnering with managed service providers comes with both initial and ongoing costs. But proactive assessment offers two key advantages: familiarity and framework. Providers already familiar with your network and service environment can build out security platforms that meet current needs while simultaneously developing long-term frameworks that account for, and defend against, evolving security threats.

MSSPs offer broad benefits and specific strengths to help improve enterprise security. Making the call requires more than a pros-and-cons checklist. Enterprises must assess current strategy and evaluate potential timelines to identify their best-fit approach to MSSP adoption.

See how IBM MSS delivers effective actions, insights and reporting for security.

More from Security Services

How a new wave of deepfake-driven cyber crime targets businesses

5 min read - As deepfake attacks on businesses dominate news headlines, detection experts are gathering valuable insights into how these attacks came into being and the vulnerabilities they exploit. Between 2023 and 2024, frequent phishing and social engineering campaigns led to account hijacking and theft of assets and data, identity theft, and reputational damage to businesses across industries. Call centers of major banks and financial institutions are now overwhelmed by an onslaught of deepfake calls using voice cloning technology in efforts to break…

What should Security Operations teams take away from the IBM X-Force 2024 Threat Intelligence Index?

3 min read - The IBM X-Force 2024 Threat Intelligence Index has been released. The headlines are in and among them are the fact that a global identity crisis is emerging. X-Force noted a 71% increase year-to-year in attacks using valid credentials.In this blog post, I’ll explore three cybersecurity recommendations from the Threat Intelligence Index, and define a checklist your Security Operations Center (SOC) should consider as you help your organization manage identity risk.The report identified six action items:Remove identity silosReduce the risk of…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today