Many organizations are evaluating outsourced managed detection and response (MDR) and endpoint security due in part to a lack of in-house cybersecurity experts, according to the "2019 Managed Detection and Response Report" from ControlScan, a Top 100 MSSP.
Key findings from ControlScan's report include:
- 58 percent of organizations ranked cybersecurity skills shortage in-house as their top security operations challenge, followed by cost and complexity of building in-house security operations (49 percent) and lack of 24x7 security coverage (37 percent).
- 53 percent said they manage their security programs exclusively in-house.
- 33 percent use a security operations center (SOC) to orchestrate threat analysis and response.
Also, 47 percent of organizations said they expect their managed security services budgets to increase, the ControlScan report showed.
Key Drivers for Managed Security Services
Organizations cited the following as key drivers for managed security services in the ControlScan report:
- Ability to respond to incidents (48 percent).
- Lack of internal security personnel/expertise (48 percent).
- Potential cost savings (41 percent).
- Board/executive concern over a potential breach (34 percent).
- Meeting regulatory compliance mandates (32 percent).
- A breach event (25 percent).
Furthermore, 70 percent of organizations prioritize 24x7 security coverage relative to MDR services, the ControlScan report indicated. They also evaluate MDR services based on their ability to integrate and leverage the services into an existing security stack (56 percent) and their cost (54 percent).