Complex, multi-layered cyber attacks have become commonplace. They threaten not only large, international organisations but also, increasingly, small and medium-sized companies with data theft, spyware or ransomware attacks.
Organisations with tight budgets, especially within the current macro-economic environment, will find it much harder to protect themselves and their customers. Now, more than ever, they need reinforcement from Managed Detection and Response (MDR).
An MDR service combines modern cyber security technologies with the competence of certified IT-security experts in an external Security Operations Center (SOC). This service utilises groundbreaking defence technologies and cyber security platforms. Additional sensors can correlate security-relevant information from more sources for all-encompassing protection, enabled via Extended Detection and Response (XDR). This type of service is a value-add that is out of reach for most organisations.
- Detection, Scanning and Attack Defence 24/7 - Experts continuously scan attack vectors such as endpoints, networks and cloud environments.
- Proactive Threat Hunting - Security experts actively look for anomalies such as Advanced Persistent Threats (APTs) in the clients' infrastructure. These APTs, often fileless malware, lie dormant in the victim's infrastructure, ready for the actual attack. Conventional EDR may not detect APTs, or may detect them far too late. In a SOC, MDR experts monitor and analyse anomalies from internal and external sources. These experts interpret data provided by AI-driven cyber defence. In addition, these experts benefit from their experience in military digital attack defence or from digital criminal contexts.
- Improved Detection Processes - Clients and MSPs collaborate closely with MDR experts in the SOC. They communicate via their dedicated MDR portal, manage their systems and analyse any alarms. In addition, the MSPs, in conjunction with their clients, can execute recommended defensive measures and manage risks using a central dashboard.
Implementing an MDR is less complicated than one might expect. Many onboarding procedures are automated. A baseline analysis of the current security setup will precede the implementation, and the diagnostic report will set the agenda for the ensuing project.
Accxia is a Bitdefender Partner and the Managed Services Provider of the Accxia ONE Cloud.
Costs of an internal SOC: $1.2m over three years.
Costs of an MDR service with external SOC: $120k over three years.