Executive Summary
As an IT executive at a midsize enterprise who is responsible for security, it’s your job to ask tough questions about the security posture of your organization.
You’re tasked with protecting your organization’s most critical assets against an ever-growing list of threats. There is an arms race going on in cyber that the “good guys” are not necessarily winning. Every year losses due to cybercrime increase. It’s normal and healthy to seek out a force multiplier in the form of a partner providing security-specific managed services – also known as a Managed Security Service Provider (MSSP).
As the name implies, a MSSP exists to help secure your business by turning piles of machine-friendly data (e.g. endpoint detection logs, authentication logs, firewall logs, etc.) into useful alerts and incidents with relevant context (typically using a SIEM, SOAR, and/or XDR platform) and ultimately helping you manage those incidents to reduce risk in your environment.
You’re not alone in considering a managed security service to do all of this.
Security services was the largest category of security spending, expected to reach $76.5 billion in 2023.1
Spending on managed security services alone is projected to hit $49.6 billion by 2027.1
Managed security services offer many benefits.
For one, you get fractional access to security talent that is hard to find, expensive to hire, and both costly and difficult to retain. Fractional access means you get to pay for just what you need, not absorb the entire investment in a full-time 24x7x365 SOC. For organizations under a certain threshold, the investment in your own SOC is likely not the right decision. The determination of that threshold is the subject of another paper, but if your security budget won’t support 14-20 new full-time staff, you’re probably under that threshold.
By outsourcing, you will get access to state-of-the art security tools, expert staff, and time tested and refined processes, all backed by machine learning (increasingly “AI”) and robust threat databases. Writing the content for your SOC operation, like playbooks and use cases, is then the job of your MSSP and determining which MSSP can maximize your value is an important factor.
While MSSPs make sense for many organizations, your success will depend on many factors. Picking the right provider is only one of them.
The best way to increase your odds of success is to ask key questions and get solid written answers before you sign a contract.
This white paper describes five questions to be answered:
1
Is my organization ready for managed security services?
2
What do I want from a provider?
3
Which tech stack do I want?
4
How much support do I need?
5
How will I evaluate the finalists?