What Is Small Business Managed Security?
Small business managed security is the process of handing some or all of your cybersecurity to a company that will protect it on your behalf. The tricky part is finding the right organization to work with.
While it’s clear that inside knowledge and in-house expertise are a hugely valuable asset, outsourcing some or all of the heavy lifting amplifies the benefit of those employees manyfold.
One significant benefit you might not expect: these services are often devised with your company in mind. McKinsey states that small and midsize businesses (SMBs) in the US actually outspend larger organizations when it comes to technology hardware and services.
This article explores the benefits of managed security for small business, and examines what you should be looking for when selecting a partner to work with.
What’s the Difference Between a Managed Service Provider and a Managed Security Service Provider?
You’re likely already a user of some sort of managed IT service, and it’s often via some sort of Managed Service Provider (MSP). A Managed Security Service Provider (MSSP) does one thing and one thing only: it specializes in securing organizations.
An MSP is often a one-stop shop for all kinds of IT services, from databases and networks through to applications and tech support. They can sometimes be a little reactive as a result.
MSSPs, on the other hand, have a laser-like focus on cybersecurity. They tend to provide more detailed incident response, security monitoring and resolution, and planning and training services. Proactive cyber defense makes strong business sense for them—and for you.
An MSP is more likely to “white label” a managed security service from a specialist provider, such as a cybersecurity vendor or even an MSSP. An MSP can be an MSSP, but to do so, it often needs to make significant investment itself.
It’s up to you to decide whether a generalist provider or a specialist will meet your organization’s needs, but it’s worth checking off the capabilities these organizations offer, and what their existing customers report as actually being the case.
The Advantages of an MSSP for Small Business
There are three interconnected benefits to using an MSSP for small business. Each builds on the other two benefits to your organization as the user. The biggest benefit is business-focused: affordably reducing risk to more acceptable levels. Cyber risk topped small business’ list of concerns in the US Chamber of Commerce’s Small Business Index. Finding an MSP or MSSP willing to guarantee that their service is cost-effective, efficient, and can simultaneously handle day-to-day operational risk as well as existential business risk
Expertise, Efficiency, and Cost
It goes without saying that hiring and retaining cyber experts is expensive. That’s why pooling your requirements with several other businesses via an MSSP for small business makes complete sense—you get the expertise without the headache or the salary bill.
What’s more, when experts regularly exercise their cyber defense skills in multiple settings, they get even better at their jobs. It’s one thing to have solved a particular problem once or twice, but another thing entirely to have come up against that challenge in different settings several times a month.
Comprehensive Protection
We can mean several different things when we talk about comprehensive protection against cyber attacks, so let’s break them down.
First up, people. Expertise is one thing—and you may already have some very talented IT security staff on your team. But there’s no way they can be available 24 hours a day, 365 days a year without burning out.
Expertise in depth is one of the ways that managed services, and MSSPs in particular, can give you an edge. That might mean a team, rather than an individual, looking at an issue, supplementing your teams’ skills, or the ability to do it at any time of the day or night.
Then there’s the technology. Maintaining and upgrading the sorts of tools most MSSPs use is a difficult and expensive process. If you and your team are already very familiar with acronyms like EDR, EPP, XDR, SOC, and SIEM, you’ll know how hard it is to keep all of those capabilities shipshape with the latest updates, detections, patches, integrations, and so on. An MSSP will do this work for its customers, and provide a Service Level Agreement (SLA) to ensure that they’re always up to date.
Finally, there’s the process side of things, specifically, the cost of developing and maintaining processes that map out what needs to happen both proactively and during an attack or intrusion. It’s hard to build these processes without operational experience and high volumes of data—both of which an effective managed security provider should have in droves.
Spreading the cost of expensive expertise, tooling, and processes via an MSSP for small business will improve your security posture, reduce your business risk, and hand the headache of cyber risk reduction to experts to handle on your behalf.
Services to Look for—a Brief Checklist
Most managed security services offer a laundry list of services and plugins that can replace or integrate with your existing services, and do so in as painless a way as possible. Often, MSPs and MSSPs will talk about their Security Operations Centers (SOCs), which act as information and decision-making hubs, sifting through security alerts and other information sources that might point to a breach. Though SOCs can deliver a massive impact in terms of protection, they can also be extremely expensive. But sharing one with other organizations through an MSSP can greatly defray the cost.
Here are some of the trainings and skill sets that an MSSP for small business should offer:
Soft Skills and Training
- General security awareness for all employees since they’re often the first line of defense
- Crisis workshopping to make sure that your in-house IT and cybersecurity teams have a plan, a playbook, and situational awareness in a crisis
Technical Services and Tooling
- Threat intelligence (TI). Understanding the nature of the threats you face is a never-ending task. Your MSSP’s TI team will establish and update your organization’s threat profile. The best MSSP for small business will have a threat intel team integrated into almost everything it does.
- Log and packet monitoring. If your organization has or will have a SIEM (Security Information and Event Management) or NDR (Network Detection and Response) capability, your MSSP should be able to monitor and extract meaningful insights from either of these.
- Security Automation (SOAR). This capability is often uttered in the same sentence as SIEM. Where a SIEM collates the data that can be used to detect and track security incidents, a SOAR automates at least some of the response processes. As with any automation, expert human insights are what separates a knee-jerk response from an effective one.
- Endpoint Detection and Response (EDR). This focuses purely on the endpoints in your network—things like servers, laptops, network switches, and smartphones. Deploying and maintaining EDR agents to these devices is often part of a managed security service engagement, as is alerting the business to when unprotected agents connect to their environment.
- Managed Detection and Response (MDR) and XDR. Where SIEM and EDR look for signs of activity and SOAR and the SOC react to this, MDR and XDR tend to look further down the road to understand and prepare for future threats. One of the real benefits of using something like this is that a documented cyberattack can be parlayed into detections for all of the customers protected by the service, effectively inoculating them from a spreading contagion.
- The basics. Antivirus, Multi-factor Authentication, VPN services, and DNS protection are all table stakes for any MSSP, even if you already have some or all of these in place.
The Bottom Line: Outsourcing Managed Security Services
At this point, you may be thinking, “How much does this all cost?” The answer, as ever, is that it’s complicated. At the low end, $30 per user per month is going to get you the basics, but depending on what your organization does and how many endpoints you have. Another option is to price per device protected, or by the volume of data your organization handles. This figure can go up to $500 per user per month—but it’s vital to look at what in-house capabilities and existing investments you can lean on when talking with potential MSSP partners.
If the price seems a little steep, it should be measured against two things: the cost of building an equivalent service in house, and the costs and risks involved in not having it in place. At the more extreme end of things, organizations that are subject to regulatory compliance obligations can face significant fines and other sanctions for losing customer data.
For the overwhelming majority of small and medium businesses, some sort of Managed Security Service Provider relationship will result in a lower cost of ownership and operation when it comes to effective cyber defense. The next step should be working out which MSSP for small business fits your organization’s specific needs.