It seems like every MSP is looking to move deeper into managed security services. But where should those MSPs actually focus their cybersecurity efforts for 2019?
It's often smart to emulate the best. In this case, MSSP Alert suggests taking a look at Herjavec Group -- a Top 100 MSSP that offers eight different managed security services (items 3 through 10 below). We've added items 1 and 2 as basic starting points for MSPs that are newer to the managed security market.
We're not suggesting that all MSPs and MSSPs of all sizes can emulate the complete list of 10 items. But it's at least a roadmap to help shape your cybersecurity strategy for 2019. Here's the list...
1. Basic Security: ConnectWise CEO Arnie Bellini described the difference between basic security and advanced cybersecurity during an MSP gathering at Cisco Partner Summit 2018. The basic approach, which all MSPs should offer, spans traditional managed services like 24x7x365 monitoring, plus disaster recovery and:
- Email Encryption/spam filtering
- Web content filtering
- firewall management.
Bonus: Still not sure where to start with basic security? Focus on this cybersecurity framework from NIST, and you'll learn new ways to mitigate risk within your own business and for your customers.
2. Advanced Cybersecurity: Here, Bellini extends his definition with these more advanced cybersecurity capabilities.
Separately, Herjavec goes deeper with the eight managed security services (items 3 to 10) listed below.
3. Managed Detection and Response (MDR): Some companies claim MDR is different from traditional MSSP services. To reinforce that point, here are 20 emerging MDR providers. Still, MSSP Alert believes the line between MDR and MSSP services is blurring. The overall MDR market will reach $1.66 billion by 2022, up from $419.70 million in 2017; that's a compound annual growth rate of 31.6 percent during the forecast period.
4. Managed SIEM: Some large MSSPs offer complete managed SIEM and/or co-managed SIEM services. Generally speaking, a managed SIEM correlates and analyzes a customer's network logs in real time, matching up disparate data and applying the latest threat intelligence to filter out background noise and identify actual security events. As a result, the managed SIEM produces actionable security intelligence, companies like Ideal assert. The worldwide Next-Gen SIEM market to reach $6.75 billion in revenues in 2023, according to Research and Markets -- though that figure doesn't really zero in on the "managed" portion of the SIEM market.
5. Vulnerability Scanning: In the case of Herjavec, the company's Vulnerability Scanning services provide an advanced risk scoring solution for reporting.
6. Managed Endpoint: This often includes endpoint detection and response, advanced threat detection and network access control. The cloud endpoint protection market size will reach $1.82 billion by 2023, growing at a compound annual growth rate of 12.4 percent from 2017, according to ReportsnReports.
7. Managed Secure Gateway: Here, Herjavec offers IPS (intrusion prevention system), email, URL, content and other types of filtering.
8. Managed Identity Services: This typically involves 24x7 identity and access management (IAM) platform health monitoring. A managed IAM service tracks user data and access permissions; automates user provisioning based in groups, policies and workflows; and aligns with corporate compliance initiatives, Herjavec Group notes. The global IAM market will be $22.68 billion by 2025, according to Grand View Research Inc., rising at a CAGR of 12.7 percent from 2017.
9. Incident Response: This can involve (1) detection and analysis; (2) containment, evidence collection, eradication or remediation; (3) recovery and (4) post incident review, Herjavec notes.
10. Managed Threat Detection: This can include logging, correlation, alerting and threat hunting. The threat detection market is expected to generate about $119.17 billion 2022, representing a 13.11 percent compound annual growth rate (CAGR), according to Markets and Markets.
Did we miss a hot managed security service for 2019? Send me an email with your thoughts ([email protected]).