Trusted Advisors and MSSPs Given the relative scarcity of skilled security experts, enterprise decision-makers will need to make careful choices about how their security postures will be managed and delivered. Perhaps there is someone in-house who can rise to the task, but that likelihood tends to be quite limited – especially when the risk is viewed in the light of security’s constant changes. While a network can be built on existing technology to operate effectively well into the future, the same cannot be said of IT security, which is a sort of high-stakes “whack-a-mole” game in which attackers try to circumvent defenses, defenders try to fill those gaps, and attackers repeat the cycle by looking for new vulnerabilities. In this environment, Trusted Advisors, often in conjunction with managed security service providers (MSSPs), will offer the best option – perhaps independently, or perhaps in tandem with one another. Depending on the security expertise within your organization, MSSPs might provide different func- tions. “The smart CISOs [in enterprise organizations with substantial security expertise] are looking at the capabilities of their team and trying to figure out which low value tasks that can be outsourced to the MSSP, while the higher value stuff is done by the internal team,” said Brian Stoner, VP of Channels & Alliances at ALTR, which offers data security-as-a-service. “That works down into the midmarket, but when you get into the SMB space, the MSSP typically becomes the outsourced security shop for a lot of them. That’s a smart play for the SMBs because they really can’t afford high-end security profes- sionals. In their case, the MSSPs do the vetting and choose the products. The customers don’t have to worry about the individual components.” In either case, Trusted Advisors clearly recognize the level of expertise involved in keeping their cus- tomers’ data safe. They are therefore more willing to engage partnerships than ever before. “Agents are typically aligned with MSSPs who focus on this issue all day long,” said Gary Schick, National Partner Manager at Quest Technology Management. “Most agents and MSSPs will also have a quick reaction team, which will include people who specialize in this type of attack. These people might be their own employees, or they might include outside people whom they know and trust.” “We certainly support engaging with an expert partner in two aspects,” said Lee Pallat of Stratacore. “One is having an incident response retainer which gives you access to a professional cybersecurity SWAT team to provide real-time guidance when breaches occur. The other aspect is for them to help you build an adequate response plan for when the breach occurs. What are your communication procedures, both internally and externally? What operational steps will you be taking to make sure you have all the necessary logging and tracking in place so you can identify what has happened and whether any data has been lost?” Copyright © 2020 AVANT Communications, Inc. 14 Copyright © 2020 ACopyright © 2020 AVVANT CommunicANT Communicaations, Inc.tions, Inc. 234 Copyright © 2020 AVANT Communications, Inc. 7
Managed Security Trends and Insights Page 23 Page 25