Forrester – one of the leading technology research firms – recently released a report to help organizations understand the value they can expect from Managed Security Service Providers (MSSPs) in Asia Pacific region. The report, Now Tech: Managed Security Services In Asia Pacific, Q4 2020, places each vendor into a category of either Pure-play providers, Managed IT providers, Consulting firms, or Telcos.
CyberProof has been included as a “pure-play provider” – a category recognized as having a high capability level in security expertise, remote multi-tenant monitoring and administration, analytics and reporting, orchestration and automation, and roadmap product flexibility.
We believe the following points that Forrester covers in this report demonstrates the critical role MSSPs will play for their organizations within Asia Pacific, as well as the key factors you should consider when evaluating your options.
Alert fatigue continues to plague security analysts due to huge volumes of security log and event data being generated by multiple point technologies and an outdated approach to correlating and centralizing the information that matters. Forrester notes that 78% of SOC staff say that their work is very painful and 67% suffer from information overload.
We believe that security orchestration and automation will continue to be key components that help Level 1 and Level 2 analysts speed up repetitive, manual tasks.
At CyberProof, we leverage our investments in next-generation SOC capabilities such as our smart virtual analyst, SeeMo, to help analysts accelerate detection and response by automating activities such as alert enrichment, incident investigation, reporting and the execution of pre-defined response playbooks. Ultimately, this enables staff to focus more on strategy and innovation.
Customers should leverage their MSSP as the interface for bringing the people, processes and technologies that can help achieve their goals. Here’s how they can help:
Forrester notes that CISOs should be clear on what MSSPs are expected to do and should ensure that they can deliver the necessary services.
Organizations should consider working with an MSSP that adopts a hybrid engagement model – a form of outsourcing that enables the provider to work as an extension of the customer’s team and reduce siloed working. Essentially, a hybrid engagement involves the following key traits:
To Summarize – The Varied Level of Maturity in APAC Requires a Flexible MSSP
According to Forrester’s report, the varied maturity of organizations in APAC has spawned different types of leaders – from more transformational CISOs to those who are focused on dealing with the day-to-day operations. Consequently, security leaders should prioritize MSSPs that can customize their delivery approach, pricing, and operating model based on each organization’s unique challenges. Entering into a managed security services agreement is a strategic move which requires clarity from both sides regarding what to expect from this partnership and how it can flex to meet the changing requirements of the customer.
Working with a provider that brings a hybrid approach – a model that encourages clear communication, transparency of operations, and an integrated team – will ensure you are not outsourcing control along with security but rather enabling your existing SOC team to continuously optimize their cyber defenses in an agile way.
To learn more about how to reduce the risk to your organization, contact us!