The security outsourcing market was worth over $18.7 billion in 2017 according to Gartner. Businesses of all sizes—especially small and medium-sized enterprises (SMEs)—are drawn to managed services’ predictable, subscription-based pricing and scalability. Organizations that manage information systems entirely in-house will face relatively steep costs and encounter complexity as they scale to meet the cybersecurity needs of modern business enabled by digital processes. Organizations that are entirely in-house have possibilities to combat steep costs and complexities and should explore outsourcing options.
Comparatively, managed services providers (MSPs) offer basic IT support services that include software installation, application provisioning, data backup/recovery, systems management and network monitoring at a fixed monthly cost.
However, MSPs typically lack the defense-in-depth resources and expertise to proactively hunt for cyberthreats, perform 24/7 continuous security monitoring and respond to threats in real time. Accordingly, MSPs do not include threat detection response functionality for an organization’s entire IT footprint in service level agreements (SLAs).
MSSP vs. MDR: Comparing Managed Security Models
Enter managed security service providers (MSSPs) and managed threat detection and response (MDR) providers. Both models are subscription-based services with fixed pricing models, however MSSP and MDR differ greatly in terms of their limitations.
The average MSSP will manage selective aspects of a client’s information security needs. For example, an MSSP might perform endpoint management, remote device management, compliance reporting and so on.
“MDR supplies a cost-effective security operations center (SOC).”
MSSPs will not provide robust network monitoring, threat detection and incident response capabilities or strategic security consulting; nor do MSSPs provide visibility into an organization’s overall security posture. All of these functions are found in the MDR realm.
MDR provides on-demand access to a team of security engineers and incident responders that understands the unique operational circumstances of its clients. In essence, MDR supplies a cost-effective security operations center (SOC), also known as a SOC-as-a-Service.
To learn more, download the “Definitive Guide to SOC-as-a-Service.” You’ll get in-depth analysis of MSP, MSSP and MDR capabilities and limitations to best explore possible outsourcing options.