Comodo Cybersecurity, a global leader in threat intelligence and malware cyberdefense, has introduced new managed security services in response to mounting cyberattacks on small and medium-sized businesses (SMBs) as well as state and local government and education organizations (SLEDs).
A staggering 58 percent of all malware attack victims are categorized as small businesses, according to the Verizon 2018 DBIR. In 2017, more than half of all SMBs experienced a ransomware attack, and the cost due to damage, theft or disruption caused by cyberattacks exceeded $1,000,000 for the average SMB, according to Ponemon Research.
Comodo cWatch MDR is a Managed Detection and Response cybersecurity solution designed to serve SMBs and SLEDs. It addresses the onslaught of SMB-directed cyber threats with enterprise-class Defense-in-Depth (DiD) cybersecurity for organizations that couldn’t afford, or support, these advanced capabilities. Comodo cWatch MDR includes SIEM (Security Information and Event Management) and SOCaaS (Security Operations Center-as-a-Service), and provides cybersecurity on local networks, on the web, and in the cloud.
DiD entails cyberdefense across multiple IT security domains, layering security controls throughout IT systems – a best practice for combating increasingly sophisticated cyberattacks. The comprehensive nature of DiD and the need for integration have traditionally put DiD out of reach of mid-market organizations, and even of some enterprises, because of the need for specialized staffing, support for complex infrastructure, costly integration of multi-vendor solutions, high license counts, and frequent updates and upgrades. With Comodo cWatch MDR, SMB organizations can obtain DiD-as-a-Service, either directly or through their preferred Managed Service Provider (MSP), making such comprehensive security attainable and sustainable.
“Ransomware and other crippling attacks no longer target only large enterprises. Mid-sized organizations have been largely left to fend for themselves against this kind of advanced threat, until now,” noted Carlos Solari, Comodo VP of Cybersecurity Services and Compliance. “Comodo cWatch MDR brings SMBs an affordable and highly capable defense-in-depth solution, bridging key gaps in the cybersecurity stack around complexity, staffing, and compliance.”
In preparing to launch, Comodo worked closely with analysts Tony Palmer and Jack Poller at research firm ESG, whose testing revealed that “Comodo cWatch MDR enables organizations to quickly deploy and integrate a turnkey SOC for DiD protection of critical assets – endpoints, networks, websites, and cloud resources – unifying those different pieces under a common control framework.”
Other analysts concur with this positive assessment. “Organizations of all kinds, particularly large enterprises, report being overwhelmed by the large number of alerts and threats and smaller organizations are not immune,” said Fernando Montenegro, 451 Research senior industry analyst. “To address this problem, we see increasing interest in service approaches that aim to deliver enterprise-class cybersecurity, including defense-in-depth, to small and medium businesses. Comodo’s combination of MDR and SOC-as-a-Service fits into this category.”
A New Paradigm for Incident Handling
The traditional MDR model generates an overwhelming volume of events and a cascade of false positives, consuming all available security analyst time and attention. The situation is worsened by the need to manage disparate, often incompatible technologies from different vendors, limiting the value of event analysis and response. Solutions intended to lighten the load for security practitioners end up generating noise and alert fatigue, masking key events and increasing the likelihood of those events turning into costly incidents.
Comodo cWatch MDR adopts a different approach, automating repetitive and low-level analyst activities, freeing security practitioners to focus on value-added activities — intelligence-led prevention (threat hunting), discovery of vulnerabilities and design flaws, security prioritization, and gap remediation. Comodo cWatch MDR Security Orchestration Automation and Response (SOAR) capabilities result in less time spent on post-incident forensics by enabling defense-in-depth protections.
To meet the challenge of bringing DiD to all types of organizations, Comodo cWatch MDR offers the following capabilities:
- 24x7x365 fully managed cybersecurity platform
- SOCaaS with global SIEM and SOAR
- Incident detection and response for network, cloud, web, and endpoints
- Fully integrated DiD as recommended by the National Institute of Standards (NIST) SP 800-53 R5 security controls and ISO 27001 security clauses
Comodo cWatch MDR and the Channel
“Comodo cWatch MDR responds to requirements from Comodo channel partners, especially MSPs,” added Rebecca Myrick, Comodo VP of Channel Sales. “Our DiD offering, delivered as a SaaS, fits perfectly into the MSP go-to-market and is a good match for their mid-market customer profile.”
SMB organizations and MSPs will look to Comodo cWatch MDR for:
- Reduced cybersecurity Capex from delivering DiD-as-a-Service versus a mix of on-premise hardware and software
- Optimized Opex from reduced staffing requirements and consolidation of diverse DiD components and vendor subscriptions
- Preemptive versus reactive cybersecurity
- Fully integrated DiD as called for by NIST