See how you can save 70% of the cost by reducing log volume and staying compliant.

What is a MSSP?

Learning Objectives

• Learn about what a MSSP is
• Learn about what a MSSP does
• Learn about how and when to choose a MSSP

Many businesses recognize the importance of cybersecurity, but they struggle to manage it effectively on their own. They may lack sufficient in-house security expertise, or be unable to keep up with the security requirements of constantly evolving environments.

In these cases, Managed Security Service Providers, or MSSPs, can step in and fill the breach. MSSPs specialize in delivering security services on an outsourced basis, allowing businesses to manage security needs effectively without hiring security experts.

Here's an overview of what a MSSP does and why a business might choose to work with one.

MSSP Defined

A Managed Service Security Provider, or MSSP, is a security engineer or firm that provides cybersecurity services for other businesses.

MSSPs offer their services on an outsourced basis, meaning that organizations can hire MSSPs to meet specific security needs that their own internal IT staff cannot address. This service model makes MSSP operation easy to tailor to fit your business's particular needs. You can hire MSSPs to perform whatever services you require and pay for them based on the number of services you consume. In many cases, this is preferable to maintaining a full-time security team, especially if your IT environment isn't large enough to justify investment in that kind of team.

MSSPs are similar in this respect to Managed Services Providers, or MSPs. MSPs provide managed IT services on an outsourced basis to other companies. However, while MSPs deliver a range of general-purpose IT services – like data backups, help desk support, and network management – MSSPs specialize in security services alone. (Some MSPs may also offer managed security services, which makes them MSSPs, but not all MSPs are also MSSPs.)

What Do MSSPs Do?

MSSPs can provide a range of managed security services. A complete list is beyond the scope of this article, but common examples include:

  • Intrusion testing: MSSPs can probe client IT resources to detect potential security weaknesses that could lead to a breach.
  • Intrusion Detection: A MSSP can alert clients to breaches of their IT environments.
  • Vulnerability Scanning: A MSSP can identify resources that are unpatched or misconfigured.
  • Management and Setup: MSSPs can set up and manage security tools and defenses, such as firewalls, antivirus platforms, and VPNs.
  • Education: MSSPs can provide education and training to help clients' employees and users resist security threats.

The specific services that MSSPs offer vary from one MSSP firm to the next. Some MSSPs provide a range of managed security services, while others specialize in certain areas (like network security or data security).

When and How to Choose a MSSP

Not all businesses need a MSSP. And even if you do need a MSSP, the best one for you will depend on your specific security requirements.

In general, it makes sense to hire a MSSP if either of the following is true:

  • You are a small- or medium-sized business that lacks any in-house security team. In this case, a MSSP will effectively become your security team.
  • You have an in-house security team, but it cannot handle all of your security requirements independently. A reason for this may be that your in-house team lacks expertise in specific domains, or because the group just isn't large enough to keep up with your entire environment. A MSSP can supplement your in-house security staff to ensure comprehensive security coverage in both of these situations.

If you choose to work with a MSSP, consider factors like the following:

  • How many security domains – if any – your existing full-time staff can address on their own. Outsource any domains they can't handle to a MSSP.
  • Where your most significant security risks are, which types of incidents you face most often, and which incidents result in the longest mean time to detect (MTTD) and mean time to resolve (MTTR). MSSPs who specialize in certain types of risks may be able to help you shore up the weakest links in your existing security strategy.
  • Which security risks your IT team can theoretically handle on its own but does not handle well. There is a certain amount of a gray area between generic IT services and security services, so you'll need to think carefully about what your IT team (as opposed to your security team, if you have one) is and isn't capable of doing securely. For example, if your IT team can set up a VPN but lacks the expertise to optimize it for security, you may want to hire a MSSP to help with the latter task.
  • The security tools you use. Some MSSPs may be willing to work with whichever tools you have in place, while others will want to deploy their own SIEMs, SOARs, and other types of security solutions.

Conclusion

For various businesses, MSSPs play a central role in closing the gap between IT operations and security operations. But because different MSSPs provide different types of managed security services, you should carefully evaluate your security needs before choosing whether and how to engage with a MSSP.

It’s time to let data charge