mobile-logo

Managed Detection and Response (MDR): What is it?

Team of Professional IT Developers Have a Meeting, Speaker Shows Growth Data with Graphs, Charts, Software UI. Shown on TV. Concept: Software UI Development, Deep Learning, Graphs, Charts.
22 Oct

Managed Detection and Response (MDR): What is it?

by Michael K Hamilton
in SMB Blog
Comments

This article was originally published by CI Security. To read the original posting of this article, click here.

 

Managed Detection and Response (MDR) is a managed cyber security service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.

 

Isn’t that What MSSPs or Managed SIEMs Do?

 

No. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.

 

Doesn’t My Firewall Protect My Network?

 

Kind of… Firewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit cards numbers, medical records, and other forms of PII/PHI.

 

What’s All This Talk About Artificial Intelligence?

 

Artificial intelligence as applied to security problems is nascent. Automating intelligence using computing has potential, but that potential won’t be met for some time AND there’s a growing arms race with criminals that weaponize AI to defeat AI. Today, and for the foreseeable future, the only reliable analysts are human.

 

With that said, artificial intelligence can be an incredible force multiplier to human expertise. For example, CI Security’s monitoring platform, Critical Insight, uses advanced threat detection to sift through millions of network events and identify suspicious activity for human investigation. Our analysts then conduct an investigation and use replayable packet capture to confirm whether or not a security incident has occurred. If confirmed, our Security Operations Center (SOC) issues an Incident Action Plan, and works with your team or service provider to respond, remove, and remediate the compromise before any actual loss occurs.  This response includes both the preservation of evidence and full recovery monitoring.

 

What Sets Critical Insight MDR Apart as a Managed Detection and Response Solution?

 

  • Deep expertise aligned to your organization’s cybersecurity requirements and vulnerabilities
  • Dedicated Security Analysts monitoring your network for threats
  • Embedded MDR tools with Advanced Analytics and Integrated Threat Intelligence to accurately identify threats
  • Complete Security Event Investigations, freeing your IT resources from the burden of false positives
  • Individual Incident Action Plans to defeat the threats, minimize damages and reduce recovery time
  • Post-incident response and recovery assistance
  • Auditability and regulatory compliance
  • Positive effect on key cybersecurity metrics: incident frequency, time to incident close, cost per incident
No Comments

Post a Comment

Comment
Name
Email
Website

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Steve’s been with SMB Suite since 1998 and has been involved with nearly every aspects of the Company’s business as a strategist, professional services executive, cloud solutions architect, and senior consultant. In his current role, Steve is responsible for SMB Suite’s revenue and oversees the execution of ERP, CRM and BI projects for customers across a broad range of industries. Steve combines his expertise in MS Dynamics GP, CRM and other Microsoft products with a strong foundation in accounting and business to identify gaps and streamline customers’ processes. Prior to co-founding SMB Suite, Steve was previously Corporate Controller for MEHLE Behr and, prior to that, Audit Senior for Ernst & Young. Steve holds a Bachelor of Business Administration degree from the University of Texas at Arlington.

Jeremy is responsible for SMB Suite’s technology vision, strategy and implementation and is the architect of the Company’s Dynamics Cloud Platform. Highly adept in every facet of managed services, ERP systems and e-commerce platforms, Jeremy’s expertise spans the implementation and support of business and financial software solutions, as well as the customization and integration of SMB Suite’s cloud ERP technology stack. He holds numerous Microsoft and industry-related certifications, and was primarily responsible for designing the Company’s progressive business services platform in the early days of the Cloud. Prior to SMB Suite, Jeremy served as the financial analyst, systems administrator, and information systems liaison for a $2 billion financial services corporation.

Monty is responsible for SMB Suite’s day-to-day operation and, most importantly, its customers. As a leader, motivator and mentor, Monty creates loyal high performance teams willing to “walk through walls” to accomplish their goals. Prior to SMB Suite, Monty served as President of The Bradshaw Group (TBG), a global distributor, manufacturer, and repair facility for digital printers. In this role, he was the Company’s ambassador to its most important domestic, European and Latin American customers and TBG achieved a best-in-class Net Promoter Score of 74 for its superb customer satisfaction. Prior to TBG, Monty served as the General Manager of Sam’s Clubs three highest grossing U.S. stores and was named Regional Operator of the Year in 1999. Monty holds a BBA in Marketing from Texas Tech University and is an active member of Business Navigators. He has been active in Vistage International, Executives in Action, the Dallas/Fort Worth Retail Executives Association, as well as, A.P.I.C.S., the leading professional association for supply chain and operations management. Monty also volunteers with Hunger Busters and ManeGait, a therapeutic horsemanship organization.

David is a proven financial and information technology professional with expertise in providing business accounting software and computing solutions. He began his career by starting and managing a successful independent consulting practice for several years. He then launched the local systems consulting unit of Ernst & Young’s Entrepreneurial Services Group, leading the office into the hi-tech consulting arena. After successfully developing the unit for Ernst & Young, David founded NextCorp (which became SMB Suite in 2013) to serve the business software needs of clients throughout the US. David has made SMB Suite one of the best cloud ERP providers in the industry. In addition to being a successful entrepreneur and leader, he is a software and technology specialist, holding certifications in various Microsoft and other technologies.