Five Questions To Ask Your MSSP
According to a recent report, the global Managed Security Services market is expected to grow to $34 Billion by 2022. Due to the increased complexity and focused attacks from domestic and foreign entities, organizations (at an increasing rate) now consider outsourcing their security operations to service providers who focus solely on their protection. Tight budgets, environmental complexity and the well-documented shortage of security expertise in the market further drive the demand to partner with an independent provider.
If any of the above challenges apply to your organization, your next goal is to properly qualify the right MSSP partner. Based on an article written by Business2Community, below are five questions to ask your potential MSSP before signing the dotted line.
What kind of reports do you provide and how often?
Asking your MSSP what type of insights and reports they provide your organization is good business practice. This will enable you to build controls which further the security practice and help with reporting for regulatory and compliance needs. However, every event is not an alert and every alert is not an incident. Managing how often (and what) incidents to investigate is a fine line for organizations. On one side, you need to be aware of all the data provided to the business, but at what point does it become a distraction and undermine the original goal of outsourcing this operation? Understanding and customizing this process with your MSSP will help build a solid foundation.
Do you support hybrid cloud infrastructure?
With most organizations supporting applications on-prem and in the cloud, partnering with a MSSP who has experience and processes in place to monitor and protect your applications, wherever they sit is key. Partnering with the wrong MSSP here can create vulnerabilities and excessive costs, neither of which your organization wants to deal with.
What is your shared responsibility model?
When outsourcing anything with IT asking the simple question, “What are you responsible for?” and “What am I responsible for?” is vital to your success. This is especially true for your MSSP as clearly defined roles and responsibilities leave no wiggle room if/when an attack may occur. This can be a costly mistake for companies who wait until the fire alarm rings before having the conversation.
Who do you partner with?
Some MSSPs depend on third-party tools to help protect your environment. This shouldn’t be considered a negative considering your organization now has the benefit of a best-of-breed approach when it comes to their technology stack. Learning more about your MSSP’s in-house technologies will give you the confidence in their ability to execute.
Proof of concept?
Of all the questions to ask, this might be the most important. Before signing any agreement with an MSSP, always, always push for a proof of concept. If your potential partner is hesitant to invest the cycles in your request, shouldn’t this be a red flag? How your potential vendors act during their sales campaign, for better or worse, should be a clear indication of how they will act after your deal is signed.
Take your time, ask the right questions and define responsibilities with your MSSP before making any commitment. A successful marriage between organizations enables your team to focus on more critical, market differentiating products and services versus a reactionary fire fight.
March 2021 Update
We’re starting to see many organizations consider a Managed Detection & Response Provider (MDR) over MSSP. We’ve compiled an additional list of questions to help you compare the two, read our latest blog post about MDR vs MSSP here.
If Opkalla can help your business evaluate the leading MSSP providers (or MDR!) in the market, please contact us to discuss options and pricing at no cost.