beebright - stock.adobe.com
Security vendors are rushing to develop managed detection and response offerings that they hope will be embraced by partners, particularly managed service providers (MSPs) that are looking to extend the protection they deliver to customers.
Sophos launched its managed threat response (MTR) service in October 2019, pointing out that for many MSPs, the resources required to run a 24/7 security monitoring operation were simply unachievable, with a minimum of three staff and ideally a security operations centre (SOC) required. At the same time, most customers are also struggling with skills shortages and lack skilled cyber security staff, so they are turning in greater numbers to providers of managed services.
Analysts are expecting managed detection and response services to increase significantly over the next few years, with Gartner forecasting that by 2024 a quarter of firms will be using MDR services, a substantial rise on the current level of 5%.
Following in the wake of the Sophos MTR proposition, others are also starting to come out with their own flavours of managed detection and response (MDR), with McAfee and Digital Guardian the latest to get involved in the market.
“The adoption of managed detection and response services is increasing at a rapid rate, driven by mandates to follow regulatory and data protection laws, sophisticated attacks, digital transformation initiatives, and the high cost of maintaining legacy security solutions,” said Aaron Sherrill, senior analyst at 451 Research.
“As enterprises realise that not all attacks can be prevented and compromise is inevitable, many organisations are turning to MDR services to secure their corporations’ sensitive data and gain the visibility and support necessary to protect against the evolving threat landscape,” he added.
“Digital Guardian’s MDR service takes that burden off an organisation in favour of having it provided by our highly experienced ATAC team to proactively hunt, detect and respond in real time to attacks, so our customers can focus on running their business,” said Tim Bandos, vice-president of cyber security at Digital Guardian.
The Digital Guardian service provides a current state gap analysis, an incident response service, threat intelligence, cyber advice, and alerting and reporting around the latest threats.
McAfee has also launched an MDR offering, and has given DXC the chance to make an impact as its first strategic partner in this market segment.
“DXC was selected due to its proven security expertise in threat hunting and forensic investigation, as well as its deep knowledge of endpoint security. We are excited to see our partnership expand into new areas of growth that support these vital customer needs,” said Ash Kulkarni, executive vice-president and chief product officer for the enterprise business group at McAfee.
The MDR service provides threat intelligence, forensics and investigation, and managed endpoint threat detection and response.
“As threats continue to grow and become more sophisticated, it’s important to understand that not all organisations have the time nor resources to manage a modern security operations centre,” said Mark Hughes, senior vice-president and general manager for security at DXC Technology.