Any organisation, no matter the size, that is required to comply with the Payment Card Industry Data Security Standard (PCI DSS) needs to implement a comprehensive ICT security capability to ensure they pass their annual review. The PCI standard contains auditing and monitoring requirements that ask entities to collects logs and raise alerts when they are under attack from cyber adversaries. Let’s explore this requirement and look at how your managed security service can help your customers achieve PCI DSS compliance without the need to redesign their network architecture or systems infrastructure.
Read More
There has been a massive up-swing in the formation, growth and adoption of managed security service providers (MSSP) in recent years. This has been driven by a number of trends such as the ever-growing cyber threat, the increase in the complexity and openness of technology systems, the shortage of cyber security skills (and the resulting difficulty in attracting and retaining good people) and the heightened regulatory and consumer pressures to protect systems and data.
Read More
No one will dispute that managed security services (MSS) are in high demand and many IT service providers are assessing the viability of MSS as a business model to see if it’s something they should offer. Yet, the specialised nature of security services, especially the ones that complement core MSSP services such as monitoring and incident response, are often out of reach.
Read More
One of the interesting by-products of using a SIEM to monitor for security threats is that MSSPs can also offer availability monitoring of critical systems as part of the services bundle. Security is about protecting confidentiality, integrity and availability, so there is an obvious crossover with the network and system monitoring traditional managed services providers offer, but there are advantages to MSSPs offering it from a security point of view.
Read More
Managed service providers not yet offering managed security should certainly consider the pros and cons of a security monitoring service prior to investing in the tools and people. However, the small to mid-sized market is crying out for cost-effective managed security, since getting it right with their own people can lead to unexpected costs and technology investments that are underutilised.
Read More
MSSPs should seek to educate rather than scare their customers about cyber attacks. Take your customers on a security journey by educating them on the threats facing their unique kind of business rather than presenting them with irrelevant facts and figures.
Read More
To get started in security services, there are two processes MSPs should develop before any others: protective monitoring and incident response. Both are coordinated through your security operations centre (SOC) and should be coupled to make them as effective as possible.
Read More
Managed service providers (MSPs) have a massive revenue opportunity in security services they are not taking advantage of yet. Allied Market Research projects managed security services to be a $40 billion marketplace by 2022 and over 60% of that revenue will come from the small to medium sized business (SMB) market demographic.
Read More
In an earlier blog post we looked at how security operations centre (SOC) teams can shift their services up a gear, through better automation, behavioural analysis and threat hunting. The concept of threat hunting isn’t new to security operations; yet, it’s one of the most misunderstood functions a SOC team performs.
Read More
What factors do CISOs take into account when choosing a SOC service model? Information security is high on the agenda of every UK and Australian board these days, especially given the changes in privacy legislation and mandatory data breach notification. However, security is a highly complex issue and requires a deep conviction throughout the business to be successful.
Read More