Vambrace’s Managed Detection and Response (MDR) explained

Written By Ross Francis

What is MDR?

Managed detection and response (MDR) is a cybersecurity service that combines technology and human expertise to perform threat hunting, monitoring, and response. The main benefit of MDR is that it helps rapidly identify and limit the impact of threats without the need for additional staffing.

MDR is an outsourced service that provides organisations with threat hunting services and responds to threats once they are discovered.

Is MDR right for me?

If your organisation uses any kind of data storing system across any IT environment, including endpoints, physical premises and the cloud, it is recommended to have a MDR process in place. This helps to protect the organisation from all angles should a breach occur.

An MDR service is tailored around the infrastructure of an organisation and so is unique to every organisation. MDR facilitates the threat monitoring and addressing against intentional or accidental misuse of data across all environments.

Organisations either choose to develop this system in-house or out-source to a third party.

In-house vs out-sourced service?

In-house

This process can be very costly to an SMB and even enterprise organisations whose main business focus doesn't revolve around cybersecurity. This is mostly because an MDR analyst’s starting wage is £40,000 per year. Plus, with the MDR solution being a 24/7 requirement, you would need at least four people to manage this asset, not to mention the start-up cost for the MDR software and hardware components.

An in-house MDR set up usually consists of a team of employees monitoring the network on a 24/7 basis. This is to ensure that data traffic is in line with policies and procedures set by the organisation, scanning the network for inappropriate user behaviour and ensuring that no accounts have been compromised.

In addition, the time required to get an in-house MDR set up is close to a year. CISO’s and their security team will incur significant time investment in planning and implementing the solution. Continuous threat detection and compliance monitoring across several platforms and AI driven security tools is the typical fall down of any MDR set-up.

Out-sourced

A managed service provider (MSP) would bear the brunt of analysing your network and potential malicious behaviour and is often the more secure option.

By out-sourcing this service, all of the responsibility and start-up costs are passed to the supplier. Additionally, because the MDR centre is based off site, this reduces the chance of an insider attack.

Vambrace’s Security Operation Centre (SOC) can provide your organisation with an out-sourced MDR solution. Our team of security engineers can offer a multi-tier analysis of alerts and incidents with our intensive data visibility, enabling us to identify threats at their earliest stage in the attack cycle.

Vambrace’s SOC can take care of your security, without you having to source the time, resources and costs incurred with building your own. As part of the SOC we consult with clients on a regular basis with advice on how they can optimise their resilience.

Maximise your defences today, 24/7, 365 days a year and book your consultation.

Ross Francis
Previous

Insider threats: can you trust your employees?
Next

Vambrace recommends: how to protect against phishing