Trustwave Blog

5 Qualities to Look for in an MSSP | Trustwave

Written by Dan Kaplan | Dec 1, 2014

Independent research firm Forrester Research has published a new report that names Trustwave as a leader in managed security services.

The report, "The Forrester Wave™: Managed Security Services: North America, Q4 2014," identifies the "most significant vendors in the North American market that security and risk professionals can turn to for solving some of their most important security challenges."

The timing of the report is opportune. Increasingly, businesses are turning to managed security services providers. According to the 2014 Security Pressures Report, 82 percent use or plan to use managed security services to help alleviate their challenges. So how do you know if you might need to join the bandwagon and partner with a managed security services provider (MSSP)?

In essence, MSSPs can help bear the burden of your needs and challenges so you can concentrate on what matters to you: your business. Many organizations do not have adequate expertise in security, risk and compliance, but MSSPs typically do. Most businesses also are navigating an IT landscape characterized by growing connectivity; proliferating data, systems and applications; and advancing threats. Ensuring that security scales across this increasingly complex sphere can be a daunting - and revenue-draining - task.

Here are five characteristics you should look for in a reliable and capable MSSP:

Expertise:
Never before has security been such a top-down business imperative. But there is a reason many companies are stumbling when it comes to protecting their data and responding to data breaches: Security isn't their core competency. Delegating some of the work to a trusted partner whose staff includes highly skilled and renowned security and compliance experts, ethical hackers, researchers and incident responders is an easy way to bridge the talent gap.

Advanced security:
Many businesses are still stuck in the past, where they believe traditional technologies like anti-virus and firewalls are the smartest security investment they can make. The fact is, attackers and malware have found ways to easily evade these controls, which is why you should look to managed providers that offer high-value security solutions, such as anti-malware, network access control, SIEM and security testing.

Threat intelligence and management:
The bad guys never sleep, and their attacks know no geographical bounds. And neither does your business. Look to MSSPs that offer round-the-clock coverage that follows the threats, and can help ensure security events and incidents are immediately discovered and dealt with. The faster the response to a live attack, the quicker the saboteurs can be pushed back, thus limiting any damage they may attempt to cause.

Adherence to agreements:
We can all relate to having the misfortune of hiring somebody for a job and them not living up to their promises and expectations. Nothing is more maddening, especially when the safeguarding of a company's lifeblood - its data - is involved. MSSPs that have a proven track record in delivering on their commitments and obligations make for a much more satisfying customer experience.

Customer service:
No business is the same, and you should search for MSSPs that - at the outset of the relationship - recognize that they must customize their offering based around your organization's individual needs. And, if problems do arise, responsiveness, communication and speed are pivotal. Everyone loves receiving personal attention and not feeling like they are being treated like just another account.

***

Managed security services can help alleviate many of the pressures you face daily: advanced malware, data breach threats and resource constraints. Whether you're on the hunt for an MSSP or just want to better understand the market, independent research firm Forrester's new, 26-criteria evaluation identifies how industry leaders like Trustwave can help. Download the report here.

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.