https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

From the Industry


Getty Images

Sponsor Content

Social networking concept.

It’s Time for MSPs to Offer Threat Hunting as a Service

  • Written by Sophos Guest Blogger
  • January 3, 2020
Here are some key areas for MSPs to consider when deciding to offer detection and response services.

Protection from today’s advanced threats needs to be round-the-clock, to keep up with the always-on nature of cybercrime. As enterprises today face attacks from every direction, from vulnerable cloud misconfigurations to devastating RDP exploits, they need to be able to detect and respond to threats quickly, at all times.

With that in mind, and to stay a step ahead of competition, many MSPs are moving beyond a prevention-centric approach to security, expanding their offerings to customers to include threat hunting as a service, in the form of threat detection and response capabilities.

In some cases, MSPs may be best served by building their own security operations center (SOC), but others will find more success outsourcing these activities to a trusted security partner. Regardless of which path an MSP chooses, building a detection and response practice is as much about developing teams and processes as it is about buying products and services.

How can MSPs kick off or evolve their detection and response capabilities–whether in-house, outsourced or mixed–to deliver an effective and well-defined service that performs for both their customers and their bottom line?

Let’s take a closer look at some key areas for MSPs to consider when deciding to offer detection and response services.

Tools, People and Processes

MSPs need to offer measurable and demonstrable protection, detection and response capabilities. This requires tools, people, and process.

In terms of tools, prioritize prevention over detection. Then, make sure detections cover the gaps where machines cannot make an adequate determination. MSPs need to be able to see deep inside the network, gathering information from disparate sources to figure out when and where threats are occurring.

Once that information is acquired, MSPs need adequate manpower to sift through and investigate the alerts that matter. One of the main issues that MSPs struggle with is human capital–threat hunting is complex work, and it’s difficult to recruit, train, and retain the talent needed to perform effective threat detection and response. MSPs simply aren’t going to have a thousand security analysts at their disposal in their SOC who can evaluate the data and prioritize what matters. Outsourcing helps here, but so does establishing effective processes.

How do you make sense of the data, and how do you figure out what to look at, what to prioritize, and what needs action? How do you filter, and, more importantly, how do you avoid filtering out alerts you should have looked at? How do you identify assets and containers and secure them? How do you know when you’ve looked enough, and how do you decide when to act? Answering these questions is difficult, but creating parameters and setting up processes enable MSPs to identify the detection that matters most and determine how to respond.

Responding to threats is another area where the additional resources outsourcing brings can be beneficial, whether the threat needs to be neutralized, isolated, contained or removed altogether. Having more manpower can only support your efforts.

Proactive Security Approach

How can MSPs measure the success of their threat detection and response service? Of course, their customers should experience improved overall security as a result. But at a higher level, it’s all about achieving the ability to be more proactive instead of reactive.

By evaluating the telemetry on an ongoing basis, either internally or through a trusted security partner, MSPs can give customers proactive information about their network and devices. For example, higher memory usage could be a sign that an attack is happening. Or, MSPs may be able to notify customers about events on their network if they’re seeing high volume of alerts generated from a single device, which could be another sign of an attack.

Rather than simply offering services akin to cyber liability insurance, MSPs need to provide effective security capabilities that prevent, rapidly detect and neutralize threats.

This guest blog is part of a Channel Futures sponsorship.

Tags: MSPs Best Practices From the Industry Intelligence Security Specialty Practices Strategy Sophos Sponsor Content

Most Recent


  • Strategy compass
    Zoom Vet Laura Padilla to Shape Airtable's Channel Strategy, Partner Program
    Airtable presents a "huge" opportunity for channel partners.
  • business questions
    To Pay or Not to Pay: Big Question When Hit with Ransomware
    This is likely the toughest decision a CISO has to make in their entire career.
  • Business rumor
    Broadcom Reportedly Pursuing 'Cash Cow' VMware for Acquisition, Software Expansion
    "To be honest, Broadcom have killed CA and Symantec as brands ..." an analyst told Channel Futures.
  • You are partnering with your customers so develop a longterm relationship with them
    5 Things Vendors Aren’t Doing that Partners Wish They Were
    What are traits of a valuable vendor/partner relationship? We asked our roundtable partner participants to weigh in.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • 5G
    5G: Revolution or Evolution?
  • M&A
    Why All MSPs Need to Understand the M&A Landscape
  • hurricane season
    4 Things MSPs Should Consider When Prepping for Hurricane Season
  • zero-trust
    The Benefits of Zero-Trust Security over VPNs

Upcoming Events

View all

Channel Partners Europe

June 14, 2022 - June 15, 2022

MSP Summit

September 13, 2022 - September 16, 2022

Galleries

View all

Zoom Vet Laura Padilla to Shape Airtable’s Channel Strategy, Partner Program

May 23, 2022

To Pay or Not to Pay: Big Question When Hit with Ransomware

May 23, 2022

5 Things Vendors Aren’t Doing that Partners Wish They Were

May 23, 2022

Industry Perspectives

View all

How SD-WAN Helps Secure the Expanding Network Perimeter

May 19, 2022

A Sneak Peek at the 2022 BrightCloud Threat Report

May 17, 2022

Build Customers for Life with CX and Lifecycle Selling

May 16, 2022

Webinars

View all

Simplifying SaaS Security for MSPs

April 27, 2022

How to Supercharge The Network to Support Your IT Superhero Moves

May 3, 2022

The 2022 MSP Challenge: Scale Service Delivery Despite the Talent Gap

April 21, 2022

White Papers

View all

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

The AT&T Cybersecurity Incident Response Toolkit

April 4, 2022

Channel Futures TV

View all

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

Vonage Addresses Potential Partner Opportunity via Acquisition by Ericsson

May 5, 2022

Lumen Technologies ‘Built for Growth and Scale’

May 4, 2022

Twitter

ChannelFutures

What are traits of a valuable vendor/partner relationship? We asked our roundtable partner participants to weigh in… twitter.com/i/web/status/1…

May 23, 2022
ChannelFutures

.@Microsoft pres. @BradSmi on how the co. supports #Ukraine with $100M of free tech to fight #cyberattacks.… twitter.com/i/web/status/1…

May 23, 2022
ChannelFutures

Step up #cybersecurity defenses for the #hybridworkplace, says @alignitadvisor. dlvr.it/SQw31K https://t.co/tMzKcNgwAw

May 23, 2022
ChannelFutures

#CPExpo cybersecurity roundtable: To pay or not to pay ransom. @Sophos @Fortinet @Netenrich @Trellix @whitehatsec… twitter.com/i/web/status/1…

May 23, 2022
ChannelFutures

Analysts are sharply divided on the rumored acquisition talks. See what @royillsley from @OmdiaHQ had to say.… twitter.com/i/web/status/1…

May 23, 2022
ChannelFutures

We are proud to recognize @UNESCO's World Day for Cultural Diversity for Dialogue and Development, a day to celebra… twitter.com/i/web/status/1…

May 21, 2022
ChannelFutures

.@barracuda seeing huge shift to managed services among partners at #discover22 dlvr.it/SQmR1y https://t.co/driODezzpS

May 20, 2022
ChannelFutures

.@ConvergeTSC has just announced the acquisition of PC Specialists (@TIGConnect). dlvr.it/SQmMqK https://t.co/suLrTFx1W1

May 20, 2022

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X