From Foundational to Advanced Security Services: Pick Your Play

CompTIA IT Security Community members broke into three separate groups during their ChannelCon meeting to discussing the details of various security portfolio offerings.They discussed where each MSP sits on the security continuum (foundational, comprehensive or advanced) and then focused their efforts on defining that particular level of service.

CompTIA Security Community members discuss portfolio options and skill sets

DSCN2308Data breaches seem to be as common as traffic accidents today. Hackers and cyber criminals have been invading networks and exploiting vulnerabilities for years, but the stakes are growing and, no matter what investments companies are making, it’s rarely enough to halt their efforts. The information is just too valuable. Even with a plethora of security technologies and solution at hand, there are never enough protection measures to stop a determined hacker.

So how can solution providers expect to turn the tables on cyber criminals, or at least keep them away from their clients’ most valuable information? According members of the CompTIA IT Security Community, that process starts with the basics. Each provider needs to offer some level of protection to their customers, from the basics such as AV and firewalls to more advanced services such as end user training and pen testing. In fact, community members dedicated much of their ChannelCon meeting time to discussing the details of various security portfolio offerings.

Attendees broke into three groups based on where they sit on the security continuum (foundational, comprehensive or advanced) and then focused their efforts to defining that particular level of service.  They described the key benefits of each stage, what their clients needed and what protection measures they already offered. The goal of these breakouts was to gain a better understanding of what providers consider to be essential offerings for their customers.

Community Executive Board members Mike Semel, President & Chief Security Officer of Semel Consulting, and Charles Tholen, President and CTO of Cognoscape facilitated the advanced security discussions. They conducted a deep-dive into the regulatory and compliance measures MSPs’ customers need to have in place and covered active monitoring, incident response teams and pen testing. Semel started off by asking attendees “Are you really providing comprehensive advanced security or just offering your customers a lighter, Cliff’s notes’ version?” He was referring not just to the tools, but the crucial support services that will help MSPs differentiate themselves as true security experts. That includes testing processes, forensics and other critical support options. What ‘nuggets’ of information ere shared during the breakout?

  • Providers need to validate that an actual incident has occurred. Forensic services may be required. Companies have to know if and when reportable breaches occur so they can take the appropriate actions and, hopefully, minimize potential fines and liabilities. A $5,000 investment in these types of services is inexpensive when clients are facing major financial penalties and/ or the loss of intellectual properly.
  • Understand that you are not responsible for your customers’ compliance. If their employees fail to follow procedures, you shouldn’t be accountable. “If they only do eight of the ten things we recommend after preforming a compliance review, we can’t be responsible,” emphasized Tholen.   
  • If you provide advanced security services, be sure to check with your business insurance company. The risk could be substantially higher. You need to ensure liability coverage will protect your company if a breach were to occur with one of your clients.  
  • Detection is the problem. Are you monitoring their systems for anomalous behavior? You need to develop a baseline so issues are easier to spot. “The goal of monitoring is to reduce the time between when incident occurrence and detection,” said Tholen. The average time between occurrence and detection is 57 days and third-party organizations are responsible for discovering many breaches.  
  • Pen testing (penetration testing) is quite advanced, requiring certain skills and certifications. It’s a good way to assess employee security best practices, but partnering her makes sense since the investment can be significant and it may be used very infrequently.    

During their meeting at ChannelCon, community members also emphasized the value of the CompTIA IT Security Assessment Wizard they developed last year. This straightforward, three-page questionnaire allows MSPs to produce a comprehensive and comprehensible profile of their clients’ IT security systems. That’s a great place to start the conversation and evaluate the payoff potential for expanding your company’s protection portfolio.  

 

Email us at blogeditor@comptia.org for inquiries related to contributed articles, link building and other web content needs.

Read More from the CompTIA Blog

Leave a Comment