Organisations are rapidly looking at the support of a managed security service provider (MSSP) as an alternative to investing heavily in recruitment, staffing costs and finding a solution to the problem of staff retention.
In fact, they see taking on an MSSP as an extension to their existing IT team, which can offer further cyber security expertise to maintain the company’s security posture, assume accuracy and improve effectiveness.
With an increasingly challenging threat landscape, being a successful MSSP can be a struggle. Making sure customers stay safe is critical to the success of your business, which is why understanding what makes a great MSSP is crucial for you to be able to make informed choices that will prove beneficial to the company.
Employ and maintain the right staff
If you’re going to advertise the fact that you are experts in cyber security, then you need to make sure you employ staff who know what they are doing. In too many cases, security operations centres (SoCs) employ staff with minimal or little experience in building, deploying and managing a system in a production environment.
The reliance on tools alone is also a problem, as an SoC is only as good as the tooling and staff combined. The majority of SoC operations staff are not equipped with the skills an experienced consultant or determined attacker has in their armoury.
The retention ratio for MSSP staff is also problematic, as salaries for SoC staff are on the lower end of the cyber security pay scale. This is a big issue, as the SoC is at the forefront of an organisation’s defence, and the staff are faced with actors of malicious intent on a daily basis.
Your SoC and security teams are the first and last lines of defence against some pretty determined threat agents out in the wild, so make sure they feel valued.
Ryan Compagnone, Edgescan
As we all know, there is a substantial cyber security skills gap, so if you have talented and experienced staff, keep them happy with benefits and incentives, and this will lead to contented customers.
Relaying accurate data
Making sure you’re able to offer more accurate results is key to helping your customers’ IT teams work in a more time-effective and efficient manner.
Make sure you can give a truthful false positive rate alongside the various types of data you can offer. Being a MSSP is an outcome-driven service, so always deploy the best dashboards and application programming interfaces (APIs) available to clearly share the information you’re receiving and help easily identify potential threats.
There have been too many incidents where vulnerabilities have been classed as false negatives due to the SoC team not understanding the issue correctly.
Integration and output
Understand how each customer’s reporting system works. Have the solutions in place to easily integrate clean, actionable data into their reporting processes, be it SDL pipeline or ticketing. Remember, you’re there to make things more efficient without missing any critical incidents, so offer a reporting system that will integrate with ease but will highlight any security issues without fail.
Measurement of success
Offer detailed reports on the breach attempts thwarted, malicious activity detected and vulnerabilities discovered.
Measuring your success and relaying it back to the customer is the best way to demonstrate your value and maintain the trust in you.
It is also a tool to which you can help your customers improve their security posture and offer additional services if needed.
Partnering with other security experts
To stay ahead of the volatile threat landscape and maintain a proactive approach to your customers’ security needs means partnering with other security providers. It is now near impossible to offer all the tools needed to combat modern cyber security threats. As an MSSP, this is an opportunity you can capitalise on.
Partnering with different security vendors which offer different solutions can help you grow your business, deliver a better service and generate high-value, increased recurring revenue business partnerships. You’ll also be able to take advantage of a wealth of knowledge and support to deliver better business outcomes for your business and your customers.
As an MSSP, you’ll be facing ever-increasing demand for security services, plus the need to rapidly deploy solutions as new threats occur. To be a “great” MSSP, you’ll need to demonstrate the ability to deliver a full portfolio of security services more competently and cost-effectively than your customers can do on their own.
If you can deliver the above, then you will make a great MSSP, but also remember you can’t deliver a full security service on your own. Make sure you work with the right people to guarantee business success.