Cybersecurity Whiz: MSPs Should Develop Threat Detection and Response Practices


Printer-friendly version Email this CRN article

MSPs would be wise to double down on security and take advantage of the greenfield opportunities around managed detection and response (MDR) in the SMB space, according to an industry expert.

Just 15 percent of enterprise and midsize organizations will have their own MDR services by 2020, creating an opening for MSPs to deploy programs like CrowdStrike or FireEye on behalf of the end user, according to Mike Buratowski, senior vice president of cybersecurity services for Bethesda, Md.-based Fidelis Cybersecurity.

"You have that opportunity to pivot, because by 2020, the midmarket isn't even saturated," Buratowski told more than 700 attendees of Continuum's Navigate 2016 user conference Thursday. "If you can monetize something like that, it's huge." 

[RELATED: Continuum CEO: 6 Steps MSPs Must Take To Increase Their Valuation]

MDR services are still mostly focused on the enterprise and upper mid-market, Buratowski said, meaning that MSPs can beat the competition to the punch by extending MDR services to SMB customers. 

"The opportunity is pretty big for you guys," Buratowski said. "It is an easy pivot to be an MSSP."

A strong incident response team involves far more people than the typical MSP initially realizes, Buratowski said. In addition to a client's CEO, chief financial officer, general counsel and human resources director, Buratowski said it's absolutely critical for clients to bring in a public relations specialist with expertise in crisis communications.

Firms that suffer an incident would be wise to explain what happened, how the company responded, and provide enough information to ease customer concerns, Buratowski said. 

"You need to message this," Buratowski said. "If I don't know what's happening, the absolute worst gets plugged in." 

Attorneys can also help with messaging, Buratowski said, both from a public relations and a legal protection standpoint. Additionally, Buratowski said any phone or email conversations that include an attorney typically don't have to be turned over during discovery and aren't admissible in court due to attorney-client privilege.

"If you have an attorney in the conversation, then it's covered," Buratowski said. 

Printer-friendly version Email this CRN article