ADVERTISEMENT
muddy now.The same thing goes with managed security service providers.” Still, in cases where Towerwall resells a tool that a customer needs to have managed—such as a security information and event management (SIEM) or endpoint detection and response (EDR) product—customers are often looking to bundle in management of those tools. That’s when Towerwall’s partnership with Avertium comes into play. Avertium operates two “cyber fusion” operations centers in the U.S. that are staffed 24x7 by security analysts, providing the continuous monitoring that is increasingly a must-have for many businesses for compliance reasons. Providers of managed security services usually offer a lot more than just managed detection and response (MDR), a fast-growing cybersecurity category often focused on management of endpoint detection tools. Many solution providers and MSPs partner with MDR vendors to bring essential threat detection capabilities to their customers, though managed security services offers a more comprehensive approach that many organiza- tions are looking for. “[Managed security services] is like the department store of security,” said Pete Shoard, vice president and analyst at research firm Gartner. “MDR is a much smaller slice. MDR is like one of the boutique retailers in the department store.” While managed security services can comprise a range of offerings and levels of involvement, it typically requires operating a SOC that offers around-the- clock security monitoring.That usually entails SIEM and EDR administration, threat intelligence, automation and advisory services, said Eron Howard, COO of Novacoast, a large MSSP based in Wichita, Kan. “Running a good MSSP that’s actually doing 24x7 SOC coverage is not trivial. It’s taken us years to learn to get it right.And it’s super nuanced,” Howard said. Compared with professional services around security, with managed security services, “you can’t just jump into it as easily,” he said. MSSP Challenges Even for well-resourced organizations, getting a SOC up and running—and hiring the necessary talent from a coveted pool of professionals—can pose massive hurdles, MSSP executives told CRN . For instance, management consulting firm MorganFranklin Consulting launched its line of managed security services about a year ago.A few months in, the McLean,Va.-based company hired SOC veteran Justin Klein Keane from Meta, where he was the manager of internal detection and response. “I think they learned very quickly how challenging it is, which is part of the reason they hired me, because I’ve done this before,” Klein Keane said. “Standing up these services is not just logistically challenging, but providing a compelling value proposition to potential customers is also really hard.” For example, articulating what a customer will get at different price points for managed security services can be particularly tricky for those who haven’t done it before, according to Klein Keane, who is director of MorganFranklin Consulting’s SOC. The actual day-to-day work of serving as an outsourced security operations team for customers is notoriously difficult as well. “In security operations, you are responding to alerts of anomalous activity and then having staff actually conduct investigations to make determinations, whether that is a malicious anomaly or a benign anomaly. Or if it’s just an outlier, maybe the detection needs to be tuned,” Klein Keane said. “Whenever you make those judgment calls, there is risk that you get it wrong.And there’s
Strengthen Client Relationships and Build True Cyber Resilience
Cyber Experts on Standby Across 19 Countries 650+
Cyber Incidents Handled Every Year Worldwide 3000+
Net Promoter Score for MDR 93%
Lifetime Value Over 5 Years 10X
Join the Kroll Cyber Partner Program today kroll.com/partners
65
JUNE 2023
Made with FlippingBook interactive PDF creator