MDR for the SMB: A CEO’s Perspective

The business case for Managed Detection and Response (MDR) Services in small to medium-sized organizations of about 200 to 2,000 employees could not be more compelling than it is right now. This is for two reasons. First, cybersecurity talent is in very short supply and consequently is becoming more expensive to acquire and retain. Secondly, building and managing a Security Operations Center (SOC) with technology, process, and people is cost-prohibitive for such organizations.

As hackers ramp-up their attacks with increasingly sophisticated schemas and tools that are available commercially or for illicit purchase on the dark web, the threat landscape continues to evolve rapidly. Unless your team is 100% dedicated to staying ahead of such developments, your organization will not be able to lower its risk profile. In fact, the risk to your operation will increase as the probability of being breached does. This is a challenge that organizations will continue to face moving forward. You will need all the help you can get. But, where do you turn for help?

Cybersecurity talent is in very short supply; it is an industry crisis.  It is estimated there will be as many as 3.5 million unfilled positions in the industry by 2021. As such, it will remain difficult to find cybersecurity talent and be even more difficult to assess their capabilities, knowledge, and skills, once you find them. If you end up hiring them, they will be hard to retain.

On the path to building and operating a SOC, finding qualified cybersecurity talent is just the beginning. If you find them, you need enough of them to operate 24/7/365. They will require facilities, security technology, tools, and threat intelligence feeds to aid in monitoring, detecting threats, and performing incident response. The SOC will need to stay ahead of the curve, (Read more...)