Evaluating an MSSP Security Stack

If you are leaning toward working with an MSSP to strengthen your security practice, or you have already made the decision to move in that direction, your next step will be to choose the right MSSP. This is not such an easy decision. Some factors to consider include:

• Are they capable of delivering the level of service you need?
• Can they deliver service at a cost you can afford?
• Can you partner with this provider?
• Do they have the technical capabilities to do what they say they can do?

One reason for finding the right MSSP is that every company has its own unique security priorities, and there is a great variation in the level and types of service offered by MSSPs. The best way to begin is to understand in greater detail exactly what security capabilities you need, and why you don’t have them now.

To find out more about what security professionals wish they had and why they don’t have those capabilities, Mighty Guides sent the following survey questions to about 3,000 professionals:

Which security technologies are you currently using? (Check all that apply)

1. Security information and event management (SIEM)
2. Endpoint detection and response (EDR)
3. Security orchestration, automation, and response (SOAR)
4. Advanced threat hunting
5. Behavioral analytics

Here are the respondents’ answers:

Additionally, Mighty Guides asked:

Which technology do you need that you don’t currently have? (Check all that apply)

1. Security information and event management (SIEM)
2. Endpoint detection and response (EDR)
3. Security orchestration, automation, and response (SOAR)
4. Advanced threat hunting
5. Behavioral analytics

Here are the respondents’ answers:

These responses are interesting because they indicate several key technologies security professionals would like to be using more than they are at the current time. This is especially true of security orchestration, automation, and response (SOAR) technology.

To find out more about why they are not using the technologies they want, we asked the following question:

Which is the primary reason for not using the technology you need?

1. Cost
2. Lack of expertise
3. Lack of fully-staffed 24/7 security operations center (SOC)
4. Lack of staff resources
5. Unable to convince management of the need

Here are the respondents’ answers:

Cost and lack of staff resources are the two leading reasons they do not have the security they feel they need. Not every business needs the same things, and the reasons for not having them may differ from one organization to another, but to find the right MSSP for your business, you need to know what you need and why you don’t have it.

To learn more about how to evaluate your own and an MSSP’s tech stack, see Chapter 2 of the following ebook: 7 Experts Share Key Questions To Ask When Evaluating Providers.