Understand the customer environment: MSSPs can get a holistic view of each customer’s security environment using a single console to understand specific requirements and integrate the newest security assets with the latest patches, configuration changes and security policy updates.

Use data and visibility to seek out threats: MSSPs need to correlate customer data against a database of threat intelligence feeds, proactively identify any malicious activity and respond effectively to all types of attacks. They also need to ensure access to real-time visibility to rapidly determine the nature and extent of a threat and immediately respond to an incident.

Configure, monitor, alert and capture: MSSPs should implement and properly configure endpoint, cloud and identity solutions tailored to each customer’s security needs to protect against the entire spectrum of attacks without requiring daily updates. MSSPs need alert aggregation to gain full visibility of incident data across an entire customer base, automatically starting this process when an alert storm is detected to limit the number of notifications paging out. Also, they need to prevent silent failure by capturing raw events for automatic detection of malicious activity, providing visibility, proactive threat hunting and forensic investigation.

Protect with cutting edge tools: Defend customers’ perimeters from edge to cloud to identity. The use of next-generation antivirus (NGAV) and next generation firewalls (NGFWs), as well as integration of advanced malware protection (AMP), application visibility control (AVC) and URL filtering, will provide a multilayered approach. Improvements must be made in mobile device security with virtual private networks and user verification/authentication. Installation of advanced and efficient network security analytics and visibility to identify all network interdependencies is required. Finally, MSSPs need to have the ability to effectively secure many customers in a true multitenant environment.

Set policies and standardization: MSSPs need seamless on-boarding and provisioning of new customers with granular policies to simplify policy management for customers. At the parent level, policies must be set across all customers to achieve operational efficiency. These should be automatically updated to eliminate the need to manage customers’ unique interfaces. MSSPs need to standardize on a single platform instead of following different standards for different types of assets and access points. Protection of customer environments can be made with the latest code offering industry-leading catch rates for known and emerging threats.

Time is of the essence when it comes to remediation. To respond in a timely manner, MSSPs require automated workflows with integrated cyberthreat intelligence directly observed from the front lines.

Employment of a solution using automation, machine learning (ML) and artificial intelligence (AI) will enable early indications of active threats to prevent data leak points and costly ransomware attacks.

Human error can be eliminated by leveraging indicators of attack to quickly detect and remediate malicious patterns of behavior.