7 May 2020
Managed Detection and Response (MDR) services are continually evolving as external forces directly influence them. As companies and public entities deal with more and more data, they also face more and more threats, most of which are difficult to detect. This lack of visibility creates danger for the business, but also for its customers and employees.
Implementing MDR requires time, skills, resources, and investment. As in many cybersecurity domains, the ever-changing threat landscape continuously drives service improvements and modifications. We have to adapt detection methods to stay relevant and to process the always-increasing volume of data. As an example, Orange Cyberdefense's 11 CyberSOCs analyse more than 50 billion alerts daily.
As the attack landscape grows for most companies through digital transformation – and cybercrime in itself continues to grow as an underworld business – companies simply cannot ignore this critical function anymore. And the COVID-19 crisis made it worse…
Since the COVID-19 crisis started in January, we have witnessed a massive surge in requests for our MDR services. For CISOs and CEOs, it seems that the situation has highlighted the various limitations of their visibility of threats even more.
Even before the health crisis, the majority of businesses were finding it difficult to staff their Security Operations Center (SOC) so that it could function fully. They lacked the funding to hire enough people (in MDR, teams work 24×7) and faced a shortage of skills such as security analysts, threat hunters, security platform administrators, and incident responders. COVID-19 has compounded this issue further due to many hiring freezes or, worse, staff reductions.
Even before COVID-19, there was a growing recognition in the cybersecurity industry that companies needed to place more focus on the endpoint as a target. COVID-19 has simply accelerated the drivers to look at more endpoint visibility as the sudden shift to home working left organizations nervous about users being outside of their security perimeters (many of them for the first time).
Ransomware continues to be an effective and destructive tactic employed by attackers all over the world. In most cases, these attacks did not happen overnight. Cybercriminals are exploiting the fact that visibility gaps exist, and they are carefully planning and executing attacks that are bringing some businesses to their knees.
Even if some companies do invest significantly in Detection and Response and are quite well equipped already, many more still struggle. It is easy to get lost in the MDR landscape, so we have tried to answer the questions our clients ask us the most, as you will see in our next article.