As organizations look for help managing their technology, there is a wide and growing number of choices. The Managed Service Provider (MSP) market is booming, as is the market for Managed Security Service Providers (MSSPs). For consumers, this is both good news and bad news. The good news – you have a lot of choices. The bad news – it is very hard to differentiate between all of the choices.
The focus of an MSP is very different than an MSSP; the things that you have to do operationally to excel in IT are significantly different than the things you have to do to excel in security. In the IT world, you are focused on building haystacks whereas within the security context, you’re looking for needles in a haystack. Let’s take a moment to get more specific because these differences can vastly impact the type and quality of service you will receive.
MSPs have traditionally been focused on IT and IT infrastructure (building haystacks). They are patching systems, maintaining operating system versions, and making sure that end users are able to access key systems. In short, they’re all about the availability side of the formula – the infrastructure resilience.
MSSPs are focused on the continuous state of their customers’ security stance. Cyber-resilience is their goal – creating and maintaining the offensive and defensive posture that can defend, absorb and recover from any attack on the infrastructure. They are looking for the needles in a haystack. A strong MSSP will deliver expertise, insight and intelligence as well as enhanced response and investigation capabilities. They also provide a significant time advantage – allowing organizations to accelerate the maturity of their security posture compared to the time it would take to buy, build, staff, adapt and manage on their own.
Over the last decade, MSPs have been getting more and more involved in security because their customers are asking for help. Being good stewards of their customers’ technology (and identifying growth opportunities for their business), they are looking for ways to integrate security into their traditional offerings. The challenge: being a security practitioner requires very different methodologies, measurements and skill sets, ones that aren’t easily transferable.
At its most rudimentary level, you may have the best plumber but you’re not going to ask the plumber to do your electrical work. That’s ultimately what we’re talking about here – specialization and expertise. Although someone may be a great IT analyst (supporting an end user to make sure they’re back up and running quickly after a data loss), this is a very different skill set than threat hunting and finding a malicious actor inside your network.
A solid MSSP will offer a breadth of services, providing a layered defense strategy. For example, DataEndure’s “FourFecta” of managed security services includes:
- Advanced Phishing Protection: because you can’t expect your users to be an effective first level of defense
- Distributed DNS Defense: helping you block command and control connections in their tracks – not after they’ve gained a foothold
- Endpoint Detection & MDR: eliminating the dwell time advantage bad actors rely on
- 24×7 Security Operations Center: around-the-clock monitoring and management with proactive and reactive capabilities to help stop attacks where they land, not after they spread
In short, as organizations consider who will help manage their IT and/or security, our advice is not to assume that because a solution provider is good at one facet, they will be the right (or qualified) partner to manage the other. While it is easier to have a single throat to choke, it’s not always the best decision.
Some MSPs have taken the direction of white labeling specific security services from an established MSSP. In this context, you potentially get the best of both worlds: maintaining the relationship with the provider you know and trust, while benefitting from established security services integrated into your solution. As with any services you choose to consume vs. build yourself, invest the time to be certain that the managed service meets your requirements, including KPIs, cost, customer support, etc.
In today’s business and technology climate, organizations must build and maintain digital resilience in order to survive and thrive. If you are curious how DataEndure might help you, let’s talk.