- This Samsung OLED spoiled every other TV for me, and it's $1,400 off for Black Friday
- NetBox Labs launches tools to combat network configuration drift
- Russian Cyber Spies Target Organizations with Custom Malware
- The Customer Adoption Journey of Cisco Secure Workload
- Three-Quarters of Black Friday Spam Emails Identified as Scams
What Types of Security Capabilities Do MSPs Offer?
Last time, I discussed the four basic types of managed service providers (MSPs) with which organizations commonly partner. Those categories help to determine the types of services offered by MSPs. In general, MSPs provide five primary services to customers.
Regulatory Policy Compliance
The privacy regulatory landscape is constantly expanding. According to Gartner, privacy regulations will cover the personal information of 65% of the world’s population by 2023. That’s up from 10% at the beginning of 2020, with 60 jurisdictions around the world having already enacted or proposed data privacy or protection laws.
Those regulations operate at various levels, making it difficult for organizations to keep up with their compliance obligations. For instance, 26 U.S. States introduced privacy bills in the first eight months of 2021; both Colorado and Virginia ratified their respective proposals in that period. What’s more, organizations need to balance their industry-specific regulations such as the Health Insurance Portability and Accountability Act (HIPAA) with their use of Zoom and other third-party apps to meet their evolving business requirements.
Fortunately, MSPs can do the ongoing work that’s required to ensure organizations maintain system compliance with mandates such as PCI DSS, SOX, and others.
Best Practice Framework Enforcement
While compliance with privacy and data protection regulations is mandatory for in-scope entities, organizations can augment their security postures even further by opting to adopt best practice frameworks. Take the Center for Internet Security’s Security Controls (CIS Controls) as an example. These Controls consist of recommended actions that organizations can use to defend themselves against the most pervasive attacks in the threat landscape today.
In the spring of 2021, CIS released Version 8 of its Controls. The updated set includes measures that organizations can use to secure their cloud and mobile technologies. It also groups a reduced number of Controls and Safeguards (formerly Sub-Controls) into three Implementation Groups (IGs) that organizations can leverage to prioritize their implementation of the CIS Controls.
That being said, there can be significant overlap between regulatory policies and best practice standards like the CIS Controls. In cases involving adherence to internal compliance programs, organizations may also need to undergo a compliance audit against a best practice framework. An MSP can help organizations to handle multiple policies and multiple audits simultaneously.
File Integrity Monitoring
File integrity monitoring (FIM) is a type of technology responsible for detecting changes that may be indicative of a digital attack. The challenge with certain FIM solutions is that they might just generate noise for organizations, thus complicating the task of identifying and investigating legitimate security concerns. They also tend to involve setting a policy, establishing a baseline for files, and other stages that might take security teams away from other important projects.
Fortunately for organizations, MSPs can take the hard work off their security team’s plate by running FIM solutions for them. They can specifically conduct continuous monitoring for change control and then act quickly to remediate risky changes that take systems out of compliance.
Vulnerability Management
Patch management is just one element of comprehensive vulnerability management (VM). Such a program also involves building a dynamic inventory of their connected hardware and software assets. Organizations can use that inventory to determine which IT assets need protecting and which IT assets they will subject to that procedure. It’s also up to organizations to scan their environments for known vulnerabilities and test patches before they deploy them.
When tasked with discovering and prioritizing vulnerabilities, an MSP can provide organizations with a dashboard view of their highest-priority vulnerabilities on any given day. Some MSPs leverage in-house vulnerability research teams whose role it is to stay on top of the latest footholds attackers are using to enter organizations’ systems. MSPs enable organizations to respond faster to emerging vulnerabilities with detailed remediation guidance.
Industrial Cybersecurity
Finally, MSPs can help organizations fulfill their industrial cybersecurity requirements. Many organizations need help specifically achieving visibility over their industrial assets. As discovered by Tripwire in 2019, only 52% of organizations use an asset inventory to track more than 70% of the industrial assets. Fewer than half of organizations have a baseline for the behavior of their operational technology (OT) assets or use a centralized log management solution for those devices at 31% and 39%, respectively.
MSPs can help organizations to fulfill their industrial cybersecurity needs. MSSPs with OT specialization in particular can implement solutions that read common industrial protocols, thus discovering and monitoring industrial assets that can’t be scanned with traditional IT tools as well as helping to meet compliance requirements in the process.
Just a Few of the Services Offered by MSPs
To learn about some of the other types of services offered by MSPs, download your copy of Tripwire’s eBook “Exploring Managed Cybersecurity Services: Mission Control for Security, Compliance, and Beyond” here.