Tag: IT Security

Always on Call: How to Avoid an IT Meltdown | In the News

For enterprise leaders hoping to ensure their companies can respond to outages whenever they happen, there are some essential tactics to execute, according to Mukesh Ranjan, Vice President at Everest Group.

  • Enable self-service for commonly occurring issues: Leaders can create marketplace portals, one-click resolutions, FAQs, and do-it-yourself videos contextual to company needs
  • Incorporate chatbots with embedded RPA: To address key workflows and use cases such as internet issues
  • Make resources available: During weekends and graveyard shifts, have a go-to process to respond to critical outages
  • Follow the sun model: Create rotation schedules to ensure round-the-clock resolution

Read more on CIO Dive

Is Managed Detection and Response (MDR) the Holy Grail for Cybersecurity Services? | Blog

With the meteoric rise in cyber attacks and cybersecurity talent shortage, Managed Detection and Response (MDR) can help enterprises improve incident detection, investigation, and response without more staffing. MDR provides a winning combination of technology, analytics, and human intelligence to improve cyber resiliency. Read on for recommendations for an effective cybersecurity approach.  

The cybersecurity outlook has shifted from business and IT-driven to the C-suite. Enterprise investments are now geared towards establishing cyber resiliency programs with holistic threat advisory, comprehensive monitoring, and faster response as the key building blocks.

Let’s take a look at the elements enterprises want in cybersecurity.

Strategic enterprise priorities for running an effective cybersecurity program

The MDR solution

With the right building blocks, MDR is becoming a near-term remedy for major enterprise cybersecurity challenges and helping companies meet their strategic priorities for effective cyber security programs.

Sophisticated threats are becoming difficult to detect because they can evade traditional controls and detection techniques. MDR aims to improve the struggling enterprise incident detection, investigation, and response capabilities.

MDR leverages next-generation technologies to hunt and respond better. Further, MDR brings the perfect amalgamation of technology, analytics, and human intelligence to bolster the enterprise cybersecurity position.

Types of managed detection and response providers

Our recent assessment of MDR services for leading technology enterprises analyzed the evolution of MDR technology vendors. We looked at their evolution from providing Endpoint Detection and Response (EDR) solutions to adding greater value through different services.

MDR service providers take different approaches to solutions and pricing services and can be classified in the following categories:

Type A vendors: They primarily position their EDR offerings as part of MDR services and typically provide an as-a-service model that includes the necessary software along with services

Type B vendors: These multi-threat vector-focused vendors cover not only endpoints but also include cloud-based workloads and networks in their solutions. They propose as-a-service and pure services models depending on the customer’s requirements and investment into detection and monitoring software in the current environment

Type C vendors: They are primarily managed security services providers delivering end-to-end security services along with MDR. In certain instances, they create bespoke offerings depending on customers’ requirements. They are typically vendor-agnostic and offer both as-a-service and a pure services model

Points to ponder before embracing MDR

Bringing together existing capabilities with an experienced provider is the key to jumpstarting the enterprise MDR journey.

Below are some recommendations to achieve success when implementing MDR services:

  1. Start small
     • Add MDR capabilities to areas where your enterprise lacks capabilities or has an imminent need to scale existing capabilities
     • Consider starting with incident response and threat remediation, given the lack of skilled resources and the required tools and technologies
  2. Integrate with existing technologies
     • Undertake a comprehensive assessment to determine how the MDR provider’s threat containment and response approach can be best integrated with enterprise policies and business processes
     • Integrate with existing security technologies quickly and based on standards (e.g., Application Programming Interface (API), protocols)
  3. Choose the right MDR stack and vendor
     • Understand no single best MDR provider exists in the market. Select MDR providers that have experience in use cases relevant to the enterprise’s size, maturity, and industry vertical
     • Choose a technology-agnostic vendor with a proprietary delivery platform with log and data management, analytics, orchestration, and incident response capabilities

Once enterprises have kickstarted their MDR journey, they often can choose to combine overall cybersecurity and MDR services under one portfolio. In a few instances, we have observed the supply side proposing the convergence of the Security Operation Center (SOC) into the MDR solution to help enterprises save costs. Enterprises should leverage MDR in a way that complements their existing operations to essentially fill the gaps in their threat management strategy.

Managed detection and response pricing

MDR pricing models and structures are still evolving. For example, Type A or Type C vendors usually prefer going with per unit-based pricing models where EDR and other software might or might not be included depending on requirements. Bespoke offerings can further modulate the price based on service inclusions and exclusions. Thus, different pricing metrics are offered, such as per asset, per user, etc., which slightly complicates matters and makes apples-to-apples comparisons difficult.

Additionally, we have observed that service providers may command premium prices because of the delivery location and type of value-adds included. For example, in the government sector, we have typically seen onshore delivery because of compliances, regulations, and discomfort with offshoring. At the same time, we have seen a few other cases where vendors leverage offshore locations for functions such as 24×7 monitoring to improve price positioning.

High-end threat hunting and cyber deception services are niche skills in the market. The current talent war creates a void in enterprise threat management strategy. Managed Detection and Response, with its suite of services, has the potential to emerge as a market winner.

Learn how we can help you benchmark prices and contracts for a wide array of services, from contact center service IT to business processes. Our price benchmarking catalogs cover competitive market pricing for the most prominent locations across the globe.

Enterprises Must Bake “Contextualization” into Their IT Security Strategies | Sherpas in Blue Shirts

Given the rapid uptake of digital technologies, proliferation in digital touchpoints, and consumerization of IT, traditional enterprise security strategies have become obsolete. And challenges such as security technology proliferation, limited user/customer awareness, and lack of skills/talent are making the enterprise security journey increasingly complex.

Against that backdrop, the key thrust of our just released IT Security Services – Market Trends and Services PEAK Matrix™ Assessment 2019 is that the conventional, cookie cutter best practices prescribed by service providers no longer cut it. Indeed, we subtitled this new assessment “Enterprise Security Journeys and Snowflakes – Both Unique and Like No Other!” because the complexities of today’s technological and business landscape are forcing enterprises to use a much more guided and contextualized approach toward securing their IT estates.

What does this mean? To achieve success, enterprise IT security strategies must focus on three discrete, yet intertwined, levers.

Enterprise-specific Business Dynamics

In order to prioritize their investments in next-generation IT security, every enterprise needs to understand which assets it considers its crown jewels, how the business – and its security investments – will scale, and how to best mitigate risk within budgetary constraints. For example, a traditional BFS enterprise has far different endpoint security needs than does a digital-born bank.

Enterprises must also determine how delivery of superior customer and user experiences and exceptional security can co-exist. For example, a BFS enterprise’s introduction of an innovative new payments service backed by multi-factor authentication must operate without degrading the customer experience with delays.

Vertical Considerations

Enterprises need to take an industry-specific, value chain-led view of IT security that ensures optimal budget control without compromising the overall security posture.

For example, BFS firms must invest in security measures that protect their transaction processing and control/compliance capabilities. And building security controls for user access management, introducing behavioral biometrics into an integrated authentication process, and developing identity controls for anti-money laundering compliance are essential safeguards for sustainable competitive advantage.

Regional Considerations

Stringent regulatory environments (such as GDPR for customer data protection in Europe, PCI DSS for payments in the U.S., HL7 for international standards for transfer of clinical and administrative data between applications) and geography-specific nuances require a circumstantial approach to IT security. This means that geography-specific compliance around data protection, protectionist measures undertaken by the government, enterprises’ digital demand characteristics, and enterprises’ priorities in specific regions need to be taken into account. And global organizations must adhere to a well-defined strategic roadmap to address multiple variants of IT security standards across the globe.

For service providers, this essentially implies delivery of localized services in their focus geographies.

Taking a Phased Approach

While bolting-on IT security capabilities may lead to unnecessary – and valueless – sprawl, enterprises can avoid this challenge by investing in their IT security strategies in a phased manner, as outlined in the figure below.

IT Security Blog

To learn more about IT security contextualization, please see our latest report, which delves deeply into the important whys and hows of contextualizing IT security, and also provides assessments and detailed profiles of the 21 IT service providers featured in Everest Group’s IT Security Services PEAK Matrix™.

Feel free to reach out to us to explore this further. We will be happy to hear your story, questions, concerns, and successes!
