How to Get Your Managed Security Game On
Managed security is red hot, with escalating demand from customers and stiff competition in the market.
So how do you stand out in the crowded managed security services field? A panel of experts are preparing to discuss everything you need to know to execute an effective managed security strategy.
They will share their advice in their presentation, “Up Your Managed Security Game Tomorrow: Tips and Tricks from Top MSSPs,” part of the technology leader track, part of the Business Success Symposium, April 9, at the Channel Partners Conference & Expo in Las Vegas.
Channel Futures spoke to the panelists: Jason Ingalls, CEO of Ingalls Information Security; Ian Richardson, founder and CEO of Doberman Technologies; and Jason Steiner, manager of risk advisory services at RSM US.
In a Q&A, the panelists gave a sneak peek of the information they plan to share during the session.
Channel Futures: What are some of the most pressing needs of managed security providers?
Jason Ingalls: Talent, with 3.5 million open jobs by 2021.
Ian Richardson: The biggest need is a partner with the talent to be able to assist an MSP in an actual breach scenario — incident response support. Very few MSPs will be able to do forensic analysis/incident response in-house, especially the first time around. Someone who can give guidance on the go-to-market strategy, and participate in the sales process for support, is useful as well. Having a proper security information and event management (SIEM)/security operations center (SOC) solution that can be translated to a per-device/per-use costing is vital for the model. An MSP will need to be able to have levels – think silver, gold, platinum – for the foreseeable future in security until this becomes table stakes.
|Hear from this panel and 100+ other industry-leading speakers at the Channel Partners Conference & Expo, April 9-12, 2019, in Las Vegas. Register now!|
Jason Steiner: Demonstrating compliance to and mastery of information security practices (frameworks). MSSPs should be certified in the relevant frameworks for those industries it wishes to serve. Certification will demonstrate to potential clients the MSSP’s expertise and reliability, which should be a differentiator in the marketplace. Also, being certified enhances the MSSP’s risk-management program and should have the added benefit of lowering cybersecurity insurance costs.
Also, understanding evolving technology and how this technology creates or exacerbates vulnerabilities and threats in an MSSP or client environment. The best example of an emerging technology is IoT. The best example of an emerging threat would be ransomware. An effective MSSP should understand how to articulate threats to a client’s evolving business needs and develop solutions that mitigate these threats.
CF: What are some examples of technologies/capabilities most in demand?
JI: Social engineering awareness and training (PhishMe, KnowBe4, [and so on]).
IR: Dark web monitoring, [a] SIEM/SOC solution, multifactor authentication (MFA), auditing capabilities for compliance and a professional-services plan.
JS: While there’s a need to provide services that fall under all levels of maturity, higher maturity-level services like intrusion and detection (IDS), SIEM and incident management are in greater demand because of the higher costs and human resources required to effectively implement them. Basic functions like ticket management, help desk support, device management and log management continue to be important because …