Do you know which cyber security service is right for your company?

Around 53% of companies worldwide feel they don't have the necessary skills on staff to keep data safe from cyber threats and attacks, according to Gartner. On the other hand, to thrive in the technologically supercharged future, companies need to keep up with the digital transformation as it evolves. Executives seem to understand the value of this in the medium and long term, but they don't always find it easy to translate the digital future into the current business model.

We understand the scenario well. And with the different strategies adopted by cyber security service providers, it's not uncommon to have doubts when choosing between them. Understanding the categories of protection services available on the market is what will help the executive select the one that best fits the organization's needs.

And among the various types of security as a service offerings on the market, two are the best known:

Managed Security Services (MSS);

Managed Detection and Response Services (MDR).

What is MSS?

The protection market was born as MSS. This is operational security, quite different from a strategic service. What this means is that we are taking over the cybersecurity operation of a company's environment, which includes good practices among the teams that access company data and information, updating the antivirus, configuring the firewall with the relevant rules, the IPS online and with the best possible settings.

Threats are monitored, but no decisions are made about events. All alerts are sent to the client.

The MDR evolution

MDR, on the other hand, emerged as a solution for organizations that wanted to elevate cyber security to a strategic level and thus reduce the window of exposure to risks.

It's a threat detection and response service, common in the SOC (Security Operations Center) model. But while a traditional SOC only generates alerts, MDR searches for threats, which means in-depth research and risk analysis. This approach allows for more comprehensive and tactical solutions.

In cases where the client has an in-house IT team or an active MSS contract, the use of MDR is complementary, offering threat detection and incident response. In this context, alert fatigue is eliminated. The client receives 24/7 incident response support. Alerts are reported, events are triaged, and if one of them is a threat, response actions are carried out.

Nowadays, with the advent of zero-day attacks happening more and more frequently, it is almost impossible to prevent an access device from being infected at some point by malware. The role of the MDR service is to detect the intrusion as quickly as possible and respond to the incident in such a way as to reduce the attacker's time inside the company's device or network.

MDR services guarantee companies qualified security support because they combine technology with human analysis and threat intelligence. In this way, no threat is overlooked. Where software and hardware fail, specially trained analysts intervene to monitor data on access devices, networks and the cloud.

This reduces the company's exposure to risk and keeps all stages of the business protected.

Market vision

Concern about breaches and other vulnerabilities has grown among business executives in Brazil. As a result, cybersecurity companies have had to transform their offerings and adapt to deliver the right solutions with the same dynamism as the market. There has been innovation in areas such as SOC and cloud security.

We adapt. Not only with a robust technical capacity, made up of more than 100 engineers in the SOC with more than 500 certifications, including PMP, ITIL, CISSP and Computer Hacking Forensic Investigator Certification (CHFI). But also by putting a new SOC concept on the market: Vision 2.0.

ISH's innovation was recognized in the ISG Provider Lens Cyber Security - Solutions & Services - Brazil 2020 study, which assessed the strengths and competitive advantages of 55 companies in the Brazilian cybersecurity market. It was elected market leader in 2 quadrants of the report: Technical Security Services and Managed Security Services.