
MDR Can Help Alleviate the Security Alert Challenge

With a managed detection and response solution, organizations can reduce alert-chasing and better defend against today’s threat landscape.

By Rob Davis

Whether it’s a hospital saving lives, an energy plant generating electricity to provide air conditioning during scorching summers, or a bank protecting the life savings of families, every organization has a core mission to perform.

Cybercriminals, unfortunately, know exactly how to bring any organization’s mission to a screeching halt and cause major devastation.

While the proliferation of ransomware and malware attacks has been a hot-button issue for quite some time, recently the ease of monetizing these attacks has raised the stakes. Thanks to a landscape designed for cryptocurrencies to thrive, combined with novel attack vectors via remote workers and trusted third parties, the life of cyberdefenders has become very difficult. Deploying a managed detection and response (MDR) solution may reduce the burden for security teams and ease the worries of C-suite executives.

A survey conducted by Critical Start and IDC, in fact, found just how impactful an MDR service can be. One major discrepancy revealed by the survey is a broad misunderstanding of a core issue—we’re not struggling with a detection problem; we’re instead dealing with an alert fatigue problem. Any security team will tell you there’s no shortage of alerts detected; the real challenge is the inability to investigate them. Indeed, the survey found that nearly 30% of critical alerts from companies are either ignored or otherwise unable to be investigated, and this number doesn’t even take into account that most organizations are already ignoring the noncritical alerts. In a world where the cyberattack news cycle dominates headlines almost every day, this is a disturbing statistic.

Heading into the new year, the costs of cybersecurity are a major concern in the boardroom, according to the survey. Conversations at this level center around metrics like mean time to detect (MTTD) and mean time to respond (MTTR), which demonstrate the effect of alert fatigue on an organization's ability to detect and respond to attacks. To the board, the time spent hunting down false positives represents a negative return on investment in security tools. In fact, the survey found that 58% of boardroom discussions are dominated by productivity loss from security events.

On top of that, there’s an overwhelming amount of noise in the security product and platform market right now. Buzzwords and trending terminology generate a lot of clamor, and a catch-all solution sounds tempting to executive decision makers when attacks are rampant. Buying into it all isn’t an effective strategy for real threat protection and mitigation, however.
