TEAM EFFORT
Managed Security Basics For solution providers and MSPs that do want to explore expanding into managed security services, there are a few good places to start, channel executives told CRN . For instance, an MSP could start by acquiring an inexpensive SIEM platform and collecting logs from different systems, accord- ing to Stel Valavanis, founder and CEO of onShore Security, a Chicago-based MSSP. From there, it could begin to build processes around managing the data, policies and reporting, he said. By doing that work, “they can actually gain a lot of maturity in a pretty short time, if they really want to become an MSSP,” Valavanis said. However, he said, MSPs on this journey need to recognize that delivering managed security services requires a different
risk of impact for getting that wrong. I would advise any MSP to think very carefully about that risk.” An MSP might be convinced to add a managed security line of business on account of the revenue opportunity, but there’s a lot that needs to be thought through first, he said. “You need to think about, ‘How am I going to be able to staff this and provide the expertise in a way that I’m comfortable and confident that my team is making the right calls? And where I’m going to have the assurance that, if I faced a situation where someone made the wrong call and there was a calamitous busi- ness impact, that my position would be somehow defensible?’” Klein Keane said. Liability considerations should be top of mind for any solu- tion provider or MSP that’s entertaining the idea of adding an MSSP practice, channel executives said.
mindset than traditional management of IT. “Security is more like accounting than it is like firefighting,” Valavanis said. Because attackers typically are inside victims’ systems for weeks or months before they’re detected, “you’re look- ing for activity that hints that there are things going on,” he said, which is akin to accounting work. “You’re not looking for attacks as they happen.” For this reason, MSPs should not neces- sarily view the MSSP model as the next logical step,Valavanis said. “It has a very different nature to it,” he said. Too often, though, service providers looking to expand to become MSSPs run into problems from “dragging in some of that MSP thinking,” Valavanis said.
MSPs on the journey to becoming an MSSP need to recognize that delivering managed security services requires a different mindset than traditional management of IT: ‘Security is more like accounting than it is like firefighting.’
“There’s a lot of liability just from putting yourself out there and saying you do it,” said Seth Kilander, founder and CEO of Denver-based Ki Security and Compliance Group. “That liability could be exponential, especially when it comes to insurance.” Without a doubt, when it comes to a service provider’s liability, “they’re essentially signing up for a lot more” by making the leap into MSSP work, saidAndyAnderson, founder and CEO of cyber insurance broker DataStream. If an MSP is considering such a move, Anderson said, “I think they really want to make sure that they are not making that decision lightly and that they actually are going to take on the responsibility and have the exper- tise to do it.”
For an MSP that’s exploring the idea of offering managed security services to customers, a recommended initial step is to become proficient at managing its own internal cybersecurity program, according to FCI Cyber CEO Brian Edelman. “If you do it [well] for yourself, then make that jump,” said Edelman, who founded the Bloomfield, N.J.-based MSSP in 1995. “But if you don’t do it well for yourself, then learn to do it well for yourself—and then make an informed decision that allows you to do something that’s good for you and your clients.” Serving SMBs For those solution providers and MSPs that want to play an important role in meeting customer needs for managed security services—but aren’t inclined to try to deliver those services in- house—there are a growing number of choices. In addition to working with MSSPs such as Cyderes and Avertium, another notable partnership option was originally devised by security service provider Novacoast.
–StelValavainis, Founder, CEO, onShore Security
Ki Security and Compliance Group has intentionally stayed away from describing itself as an MSSP even though the com- pany is “close to one” in terms of capabilities, Kilander said. For instance, the company doesn’t operate its own SOC or offer SIEM capabilities, “which an MSSP definitely should,” he said. All in all, “we’re covering some of the MSSP [capabilities], and then we’re outsourcing the rest” to a trusted partner, Kilander said. “We work with them very closely so that all of our stuff is tying through theirs. [We want to] have that relation- ship where they are an extension of us.” There’s a widespread mentality in the MSP community that prevents many solution providers from taking a similar approach, however, he said. “Most MSPs come from the side of, ‘We do everything. You don’t need anyone else. And if you have anything else, our con- tract is void,’” Kilander said. “We have to get past this mindset.”
66
JUNE 2023
Made with FlippingBook interactive PDF creator