The Biggest Challenge for MSSPs is Noise From Fraudulent Actors
Arabian Reseller speaks to Amit Roy, the Executive Vice President and Regional Head for EMEA at Paladion, who says that there are many players on the market that want to cash in on the next-generation cybersecurity market. And that according to Roy, is the biggest challenge MSSPs face today.
What sort of opportunities are present for MSSPs in the region?
There are substantial opportunities created by the region’s unique threat landscape. Organizations in this region face the same global threats everyone faces today, but they also face a much greater volume of politically-motivated attacks that organizations in any other region.
There’s just greater need for effective next-generation security services here than anywhere else. Both private organizations and governmental bodies know this and are investing heavily in countermeasures.
How has the evolving threat landscape changed the way MSSPs work today?
That depends on the MSSP. Unfortunately, many traditional MSSPs have not evolved. They still offer traditional security services and have simply rebranded in order to appear relevant. In addition, traditional technology players have begun to offer MSSP-like security services as an ineffective upsell.
Security providers who have actually evolved their services focus on detection and response as much as prevention and have embraced emerging technology like Artificial Intelligence and Machine Learning coupled with highly skilled human intelligence to provide the much-needed security measure.
What, according to you, does becoming an MSSP entail?
That definition is constantly evolving. I would say that the one important thing an MSSP needs is to continuously adapt to the evolving Threat Landscape.
Today, it is no longer enough to have just a team of security operators and analysts that look at logs from a SIEM. To qualify as a true MSSP, one should be able to detect unknown threats that SIEMs cannot detect and be able to predict attacker TTPs (Tactic, Techniques, Procedures) to evolve defences.
Take for instance our MDR Security Command Centers, where AI/ML technologies are being effectively used by a team of Security Researchers, Ethical Hackers, Threat Hunters, Analysts, Incident Responders, Malware Engineers, Data Scientists and more to provide advanced detection and response capabilities to counter the evolving threat landscape.
Most attacks are now unknown attacks, from unknown attackers. Yes, traditional attacks are still being deployed by predictable threat actors. But today’s worst attacks simply can’t be prevented, or predicted, or patched against. You need to embrace advanced threat analytics that can find, map and remediate these new threats in near-real time— even after they have already breached you.
How can MSPs make the transition to becoming an MSSP?
The best and simplest way is to partner with Paladion. Whether you are evaluating a partner or trying to build expertise, you should remember that there are three core items that a next-generation security provider must offer their clients.
First, managed detection capabilities that extend beyond traditional signature-based detection to find unknown attacks. Second, managed response capabilities that centralize, orchestrate and automate most response activities to accelerate remediation.
Third, full integration of AI into their security platform. AI offers the only way to process massive threat volume and to detect today’s creative, sophisticated, unknown attacks.
Does your company run an MSSP Program? Please share details.
Yes, our program defends you against attacks at every stage of the threat lifecycle. We offer the following as part of our AI-Driven Managed Detection and Response Services:
- Threat anticipation that monitors global feeds for emerging threats.
- Threat hunting that deploys four analytics vectors to detect lurking threats.
- Security monitoring of all on-premise, hybrid, and cloud infrastructures.
- Incident analysis that reduces false positives and maps unknown threats.
- Auto containment that quarantines threats immediately after detection.
- Response orchestration that remediates threats in near-real-time.
Apart from these, we offer several other security consulting and compliance services. You can head over to our website for more information.
What challenges can MSSPs face on the market today? How do you as a vendor or partner try and address it?
The biggest challenge is noise from fraudulent actors. As we mentioned, many players want to cash in on the next-generation cybersecurity market. That’s lead to many companies saying they offer next-generation security services who are in fact only packaging it that way.
In response, we can only do two things. One, we can offer true next-generation security services. Two, we can educate the market about what’s truly needed to defend yourself today.
What are the drivers that generate demand for services and solutions offered by MSSPs?
Two factors are creating today’s need for robust cyber security services: First, Digital transformation initiatives by organization across verticals. While digital tools give businesses incredible new capabilities, they also open up countless new vulnerability points and interconnections which attackers take advantage of. The perpetrators use their own new technologies to flood organizations with more attacks, more threat data, and more noise than anyone can handle by themselves.
Second, while digital initiatives are at a rise, there is increased focus on convenience and faster rollouts with less focus on security measures, which increases the threat profile. Lastly, security awareness, in general, is still low amongst users who may unknowingly become a conduit of a cyber attack.
Any other info you would like to add?
We would like to thank you for giving us the opportunity to speak candidly about the region’s threat landscape. We have recently made a huge commitment towards protecting this region and created the region’s first AI-Driven cybersecurity centre. We have many clients in the region across different segments, and are doing everything in our capability to provide the region with the advanced security services it needs.