When managed security service providers (MSSP) evaluate a cybersecurity vendor, they usually start by reviewing the technology offerings. The vendor’s technologies often drive the MSSP’s business model and ability to respond to client needs. Technology is the core concern for many MSSPs. However, focusing solely on technology ignores the other two parts of a robust cybersecurity program. The people that use technology need processes that streamline their daily tasks.
An MSSP offers security device management and continuous monitoring using a collection of technologies that enable them to provide:
Companies looking for a cost-effective way to enhance their security posture work with MSSPs to mitigate some or all of their cybersecurity risk, and overcome the cybersecurity skills gap.
While many MSSPs focus on cybersecurity technology capabilities, they should remember that their customers come to them for services. Too often, MSSPs view their vendor relationship as a transactional agreement focused on products. However, when they incorporate cybersecurity vendor experience they can build a relationship that enables long-term business success.
MSSPs should treat conversations with their sales engineers the same way they would treat potential employees during a job interview. The sales engineers should be able to understand and articulate the MSSP’s:
To achieve a successful and profitable cybersecurity vendor relationship, MSSPs need to consider how vendors respond to important evaluation questions.
Vendors should understand the services portion of the MSSP equation. For MSSP customers, security is one part of a larger business model. For MSSPs, security is the business model. A vendor should discuss its technologies in ways that align with MSSP business and revenue objectives. Some terms to look for include:
Ultimately, the vendor should help its customer achieve its business objectives.
MSSPs evaluating vendors should consider whether they provide the following support capabilities:
Finally, MSSPs need to ensure vendors take the same approach to their technology standards that they do their people. A vendor that understands the MSSP business will provide technologies that are integrated and integratable. While an integrated solution incorporates multiple tightly-connected technologies that work together, an integratable solution fits seamlessly into the overarching business technology stack.
A vendor’s technology services should be:
When a vendor provides well-defined technology standards, it proves its commitment to MSSPs. By reducing the operational overhead per customer, the MSSP is more profitable.
The cybersecurity vendor acts as the MSSP’s intermediary between attackers and customers. As part of the vendor’s threat intelligence services, the MSSP should have people engaging in research.
Cybersecurity vendors should have teams actively engaged in zero-day research that support their artificial intelligence (AI) and machine learning (ML) technologies. These supporting services should include research across:
MSSPs use cybersecurity vendors as the foundation of their services and offerings. To build successful short- and long-term business strategies, MSSPs need vendors who have best-in-class technologies supported by knowledgable people and proven processes. MSSPs must have a true relationship with their vendor so that they can provide their customers with the best services possible.