In the fifth episode of the Sekuro Talkshow, Sekuro Chief Growth Officer Shamane Tan had a conversation with Sekuro’s Director of Managed Security Services Werner Coetsee to find out how companies can leverage the capabilities of Managed Security Services to tackle potential cybersecurity threats quickly and effectively.
Managed security service in a nutshell
Werner provided three different explanations to ‘managed security service’: one that technical audiences would understand, another for a business crowd, and thirdly, a definition that even a child could easily comprehend.
Essentially, managed security services are an extension of internal cyber security teams that provide extended support to an organisation’s environment, manage their security information and event management (SIEM), vulnerability management services, web application firewalls, and many more. It is almost analogous to a homeowner’s approach to dealing with his gardening chores – he can hire or outsource a landscaper to take care of his garden if he does not possess the skill or the patience for gardening.
Similarly, companies leverage managed security services for a cost equivalent to that of hiring one or two mid-level security analysts, and receive the support they require for their cybersecurity needs. Werner further emphasised the appeal of managed security services – if the organisation were to be unhappy with the service provided to them, they could easily discontinue the contract and hire a new provider.
How managed security services can overcome the challenges faced by organisations
When asked about the current challenges faced by clients, Werner elaborated that there are three common limitations that organisations are restricted by:
- Limited cybersecurity budget
- Limited visibility of the technological landscape within the organisation
- Limited expertise should an incident occur
Werner highlighted the advantages of hiring an Managed Security Services Provider (MSSP). Through the use of a managed service, a MSSP could provide 24-7, 365 (days) event monitoring, detection triage and response within the organisation that reduce the inherent risks, as detected threats could be picked up quickly and contained before they wreck havoc on the environment.
His advice if things take a turn for the worse is to “remain calm, think clearly, and act quickly as time is of the essence”. MSSPs can be incredibly helpful in offering an organisation with digital forensics and incident responses through the use of the experienced resources that are operating in accordance to the organisation’s pre-agreed service level.
Key requirements of MSSPs
As MSSPs play an important role in dealing with cybersecurity, Shamane probed about the consideration points useful for companies to look at if they are deciding on which MSSPs to engage. According to Werner, the list of requirements is vast – an MSSP should provide service level agreement customisation and ensure that the services the organisation receives are aligned with their business appetite and response requirements.
Organisations should also look for a managed security provider that offers customised reporting and considers different stakeholder groups (i.e. senior management) which require different metrics and sets of information in order to report either horizontally or vertically. Finally, Werner emphasised that having round-the-clock service coverage would give an organisation the peace of mind, especially during weekends and public holidays, that they are being well looked after.
He added that having a pre-agreed scope of actions that an MSSP can perform on the organisation’s behalf is invaluable.
“There’s not much point in having a managed security service or a Security Operation Centre (SOC) provider when you get called at two in the morning and they advise you that they’ve noticed a certain activity within the environment…” Werner pointed out. Instead, MSSPs should be empowered and trusted to perform certain response activities that fits within the business’ risk appetite.
Dealing with time-sensitive issues such as cybersecurity threats can be extremely daunting, as serious repercussions can result from delayed action. Not only does working with an MSSP ensure that the organisation has immediate knowledge of cybersecurity threats, it gives them easy access to the MSSP’s expertise and resources while helping the organisation save on staffing costs.
Thank you Werner Coetsee for joining us in this episode!
Sekuro & Managed security service
From threat detection, response and risk-based vulnerability management, through to breach and attack simulation and advanced reporting, Sekuro’s managed security solutions proactively hunt for, and respond to, threats in real time.
Combining advanced tools and proven processes, you have peace of mind knowing we are always there protecting your assets.