How to Offer Proactive, Detective and Responsive Managed Security

Author: Continuum Content Marketing Manager Meaghan Moraes

Today, one in three security professionals lacks the intelligence required to effectively detect and respond to cyber threats, according to a survey from Anomali. Where does this leave businesses, especially small-to-medium-sized businesses (SMBs) that are now the prime targets of cyber attacks? The reality is dire. In fact, 60 percent of SMBs go out of business within six months of a breach.

With advanced threats like hyper-targeted malware and ransomware, foundational security tools aren’t enough to keep SMB clients secure. Small businesses generally assume they are already protected from phishing, ransomware and insider threats, having historically secured their data with firewalls, antivirus applications, or two-factor authentication. Those foundational security tools and policies are still required—but due to the modern threat landscape, additional layers of security need to be added into the equation to provide more complete and holistic protection.

SMBs’ lack of preparedness to defend against these attacks presents a significant opportunity for managed security services providers to minimize risk for their SMB clients and protect them from evolving threats.

In this new era of cyber security, it’s your responsibility as an MSP to understand how to successfully navigate the modern landscape. Even if the security tools you already have in place have proven effective for the past couple of years, your clients are facing higher risk than ever due to the prevalence of advanced attacks—thus your cyber security strategy must evolve and grow to keep pace.

As you work to redefine cyber security for your clients through your security offerings, it’s important to ensure your goals align with client needs. Oftentimes, your client may not know what they actually need—which is why offering a multi-layered security solution is vital for MSPs emerging as cyber security leaders.

Beyond the Basics

There’s a difference between offering protection and offering advanced protection. Foundational security has historically been comprised of disparate tools such as basic antivirus, managed firewall, patching and backup. However, the modern threat landscape demands more. MSPs and SMBs need more advanced and comprehensive security—such as endpoint and network security, SOC services, log management, DNS filtering and user training—in order to remain one step ahead of threats at all times.

These advanced protections cover all of the necessary bases; they provide proactive, detective and responsive security. Once you understand the types of security you should be offering, it’s time to package your tools in a cohesive way, centered on specific client needs.

Establishing Effective Security Services

Proactive security includes elements like security awareness training, patching best practices, etc.—essentially the things you need to stay ahead of threats and prevent vulnerabilities from being exploited. With a proactive approach to cyber security, MSPs will be informed of exactly how well-protected their clients are from specific risks. Capabilities such as advanced security profiling and risk scoring, employee security training, and incident response planning can help you consistently predict and manage risk.

Detective security typically comes in the form of antivirus, or a similar tool whose goal is to look out for malicious indicators. When it comes to immediate and robust detection capabilities, it’s crucial to offer endpoint and network management so you can detect suspicious behaviors across both the network and all endpoints, alerting you if and when you need to immediately roll back and minimize any damage.

Lastly comes responsive security, which usually offers remediation capabilities. A security operations center (SOC), for example, can provide remediation services as well as deep forensics, allowing you to securely monitor and mitigate threats for your clients in real time. It’s the combination of proactive, detective and responsive that makes for a profitable—and most importantly, highly effective—cyber security offering.

The Advanced Cyber Security Solution

Continuum Security is the advanced solution MSPs need to deliver the protections their clients demand. With Continuum Security, you can deliver a complete, end-to-end cyber security offering without having to build and maintain in-house operations. The solution combines powerful software with a suite of SOC services to deliver both foundational security and highly advanced protections for SMB customers—including endpoint management, SIEM, advanced threat intelligence and the capabilities and reporting required to ensure compliance in modern business environments.

With additional layers of security, users have the ability to roll back in a completely different way: immediately, proactively and effectively. This is a brand new concept in the managed security services space.

As an IT service provider moving into the managed security space, it’s important to remember that communication is everything. With clients, you can define exactly what you’re protecting against in an effort to focus on their top cyber concerns. If you “profile” certain attack vectors using common attack types like ransomware, phishing and brute force attacks, you’ll be able to clearly communicate to clients exactly what it takes to protect against their biggest risks and which technologies are required to remain as secure as possible.

Continuum Security’s Profile & Protect product enables MSPs to leverage pre-existing or custom-built profiles that map to specific threat types in order to define proper security strategies for each of their clients. Each profile explains exactly which technologies should be in place in a given environment, and offers advanced alerting and risk scoring so you can accurately measure risk on a per-site or per-device basis.

Additionally, the Continuum SOC provides MSPs with the analysis, monitoring, and threat intelligence needed to define how to protect against cyber attacks across endpoints and networks. The SOC ensures you identify threats and meet regulatory requirements through a fully integrated range of response and remediation capabilities, keeping client environments and data safe and available 24x7x365.

Continuum Security’s Detect & Respond – Endpoint product provides fully SOC-supported endpoint monitoring and threat detection to identify active threats and remediate attacks. Powered by SentinelOne, Detect & Respond – Endpoint builds on foundational security to rapidly identify and halt even the most sophisticated attacks, minimizing harm and reducing risk to client endpoints.

To complete the solution, Continuum Security’s Detect & Respond – Network & Compliance leverages industry-leading SIEM technology to collect, analyze and correlate information from network devices, endpoint logs and threat intelligence feeds. This information is used to identify security incidents, policy violations, fraudulent activity, and other threats—and when such activities are identified, the Continuum SOC quickly takes action to mitigate the attack while providing advanced remediation documentation and recommended next steps.

Bonus - Join Us

Continuum Security is the advanced cyber security solution you need to deliver the protections your clients demand. Tune in on June 25, 2018 at 11:00 a.m. EST as Continuum CEO Michael George and team explore today’s evolving threat landscape, their recent acquisition of CARVIR and Continuum Security’s three core products. Register for the webinar here.

Meaghan Moraes is content marketing manager at Continuum. Read more Continuum blogs here.