If you’ve ever done an RFP to engage a Managed Security Service Provider (MSSP) or a Managed Detection and Response (MDR) provider, you’ll know what a tricky dribble it is… There are hundreds of prospective providers to choose from and a great deal of marketing buzz to wade through.
To help you work through the complexities of this market — and better compare providers’ offerings — we’ve put together this brief guide.
Download our guide to learn more about the seven key considerations to keep in mind when evaluating managed security services, including MDR:
1. Core Objectives
2. Threat Visibility
4. Single Providers vs Multiple Providers
5. Outcome vs Technology
6. Meaningful SLAs
7. Role of Procurement
Understand your core objective. Is it detecting and responding to attacks, or just meeting compliance requirements?
You don’t need to purchase specific security technology; onboarding and tuning is accelerated, meaning you are up and running quicker.
Don’t be put off by out-of-budget pricing. Instead, negotiate.
Single Providers vs Multiple Providers
Partner with a single provider for mission-critical work.
Outcome vs Technology
Keep your focus on outcomes, not technology.
…But don’t hesitate to replace legacy technologies if they don’t deliver on your security outcomes or enable your MDR provider to succeed.
When evaluating proposals and SOWs, look for meaningful SLAs that will enable you to achieve your desired outcomes.
Role of Procurement
Procurement has a role to play in the vendor selection process, but the final decision should be made by stakeholders who understand the business risks.