Cyber security is often at the top of the IT priority list for many organizations. IT security spending is a growing share of technology budgets as businesses seek to protect their critical assets. But the challenge of protecting the network from rapidly evolving threats with limited internal expertise drives many organizations to seek help from third-party managed security service providers.
Several types of providers are available to businesses, including systems integrators with managed and advisory services, telecommunications providers, and pure-play security companies. With the hundreds of major MSSPs offering a wide range of security services, finding the best network security service provider can be daunting.
While each organization’s cybersecurity needs and challenges can vary, there are some common considerations that apply to all organizations when selecting managed security services. Before narrowing down the list of potential vendors, organizations should have a solid understanding of their managed security service needs. Here are some common questions organizations should ask themselves:
What gaps exist in the current security infrastructure and personnel?
Is the company looking to increase its staff to better support its current security infrastructure, or does the company want to completely outsource security operations?
Is the company good at monitoring and managing network infrastructure, but more concerned with incident response?
Determine your network security needs
Some companies may need to consult with a third party about their security architecture. Others may opt for an MSSP because they are looking for a distributed denial of service (DDoS) mitigation. In addition, organizations can seek assistance from an MSSP for a host of other things, from integrating security infrastructure to governance, risk management and compliance.
Many companies build their initial prospective list by type of supplier based on certain needs. For example, a business that needs to monitor traffic and mitigate DDoS attacks might focus on telecommunications-based network security service providers. Another company seeking more advisory support on policy development and improving their compliance posture may choose a systems integrator.
IT administrators and others involved in procurement should narrow the list of potential vendors to those providing the security services they need now and the adjacent services that may be on the horizon.
There are several factors that must go into selecting the best candidates, but none are more important than determining whether the supplier has the trust of their existing customers.
Knowledge and reputation of the industry is vital
There are several factors that must go into selecting the best candidates, but none are more important than determining whether the supplier has the trust of their existing customers. In an industry that values innovation, it is equally important that the MSSP have a solid reputation for providing security services over many years.
Organizations should ask potential MSSPs for referral customers. It is also helpful if the MSSP has experience in providing security services to other companies. in the same vertical. This is beneficial for managing compliance and understanding specific threats and vulnerabilities within a particular industry.
MSSPs build their reputation on service delivery, which is based on a combination of human and technological resources. Suppliers may use a combination of technologies developed by third parties for the provision of services.
What is the experience of the staff?
Organizations should know how many security analysts and the professional services personnel that the supplier employs and the technology certifications they have.
If an organization wants an MSSP to take over the management of its firewall and the administration of other security devices on its infrastructure, the vendor needs sufficient resources and expertise with the security infrastructure. of the company.
Organizations looking for a Security Operations Center (COS) services should investigate the security infrastructure of the MSSP. For example, does it have multiple SOCs for greater availability and redundancy? If a business is international with sites in multiple countries, it may be beneficial to have an MSSP with similar resources.
Enterprise security buyers also need to find out what kind of service level guarantees potential MSSP offerings and whether they are competitive against other vendors. Vendors will offer service level agreements (SLAs) around metrics such as timing of emergency notifications and proactive maintenance. Another common SLA metric is incident resolution time.
Cost is always a consideration
When it comes to threat management, more and more customers are pressuring MSSPs to quantify the accuracy of their alerts. One of the biggest obstacles to security operations teams is the volume of false alarms. A flood of alerts that are harmless anomalies can lead to complacency. In this case, security teams could miss out on real and potentially dangerous threats.
Security buyers should also consider how individual vendors handle the customer relationship. Some suppliers offer a team of dedicated analyst contacts; others may offer the option of having security personnel at the customer’s site.
Finally, cost is also an important factor. For organizations that don’t need a lot of advisory support, highly automated services with limited business contacts can help make the services more cost effective. But many customers can justify a large outlay based on the fact that they can’t afford the downtime or other losses associated with a costly breach.
John Leyden July 02, 2021 at 16:30 UTC Updated: Jul 05, 2021 08:18 UTC Authentication Bypass Flaw Mitigated Thanks to Microsoft Researchers Firmware vulnerabilities in a commercial-grade Netgear router opened the door to a range of exploits, including spoofing and full system compromise. The recently fixed flaws in the Netgear DGN-2200v1 routers were discovered by […]
OVERLAND PARK, Kan .– (COMMERCIAL THREAD) –FireMon, the leading network security policy management company that brings visibility, control, agility and automation to enterprise cloud and hybrid network infrastructure, today announced the availability of updates to the FireMon platform , helping customers more effectively manage network security policy in existing data centers while enabling secure cloud […]
Cisco is offering a new tool that it says democratizes the use of key telemetry feeds to help customers more efficiently complete analytics applications and efficiently run enterprise network management systems. Telemetry metrics are generated from corporate resources, such as switches, routers, wireless infrastructure, and IoT systems, and used by business and technology applications to […]
