8 Questions to Ask when Vetting Managed Security Service Providers
Managing cybersecurity in-house is an increasingly futile endeavor. Threats are constantly changing and becoming more difficult to detect. Mobile, the cloud, SaaS providers and the Internet of Things have made it challenging to maintain full visibility into a corporate IT environment, let alone keep the network and your sensitive data secure.
Few organizations have the expertise to manage the necessary systems and software, and the shortage of trained cybersecurity professionals has most organizations struggling to find top talent. The fact is, cybersecurity is a team sport. Even if you’re lucky enough to land a superstar, it takes a team to provide 24×7 coverage.
A managed security services provider (MSSP) helps organizations fill these gaps by providing the expertise, advanced cybersecurity tools, and personnel required to keep up with modern threats in complex IT environments — all for a monthly fee that is much lower than the cost of the entire team needed to manage a strong security program. Unfortunately, finding the right MSSP can be so overwhelming that it keeps organizations from shifting to a managed services model.
Here is a list of questions to help you find the right fit and make the process of evaluating MSSPs a bit less daunting.
1) What are the capabilities of your Security Operations Center and where is it located? A robust Security Operations Center (SOC) should operate around the clock, combining automation, artificial intelligence and human analysts to provide 24×7 monitoring and remediation. Look for a robust, domestic SOC that offers critical services such as security information and event management (SIEM) and vulnerability management.
2) What are your staff’s qualifications? Get beyond generic marketing claims and demand specifics. How many years of experience do they have? An average of at least five years is ideal. What are their technical certifications? What percentage of employees has achieved these certifications? Do they specialize in specific industries?
3) Who are your technology partners? The software and equipment used by MSSPs provide the foundation for the services they offer. Make sure your MSSP uses modern tools from reliable partners that are compatible with your infrastructure.
4) What is your strategy for protecting my data? Data is the lifeblood of your organization. How does the MSSP protect your data that they are collecting? How is this data protected while in transit? Is your data being collected into an environment the MSSP is responsible for? What if you end the relationship with the MSSP, can you keep the logging systems and data? Every MSSP should have a clear, documented data protection strategy.
5) Can your services be customized to suit my organization? Few solutions will be the right fit out of the box. An MSSP should be willing and able to customize services to suit your organization’s risk tolerance, governance policies and compliance requirements.
6) What is a recent example of your incident response plan in action? The best MSSP on earth won’t stop every attack, so you need to know how security incidents are handled. How was the threat detected, investigated and remediated? What steps were taken to prevent a repeat occurrence?
7) What types of reports should I expect and how often? Regular reports show you how secure and compliant your technology environment is and how well your MSSP is protecting it. Ask for sample reports and have the MSSP explain the data. Find out if you have a self-service option to generate your own reports.
8) What do your customers say about the quality of your services? Read customer reviews. Read case studies. Ask to speak with references. Understanding the real-world challenges faced by an MSSP’s customers, and how the MSSP helped them overcome those challenges, will provide far more insight than a brochure or website.
SageNet Managed Security Services can help you meet business, legal and regulatory requirements while developing a mature, best practices-based security framework for your entire technology environment. We provide 24×7 services and management from our U.S.-based network operations and security operations centers, applying valuable feedback gained from customers and top security vendors. Contact us to request a cybersecurity review and learn more about our managed security services.
Paul TruittChief Information Security Officer
As our CISO, I have the opportunity to ensure we have the best cyber technology and services to simplify the lives of our customers as well as provide the most secure and compliant services possible.Get to know Paul
SageSECURE, Cybersecurity Consulting Services
SageSECURE, Cybersecurity Consulting Services
Interested in what our experts had to say?
Learn more about our services - all driven by the changing technology landscape.