Cybersecurity Tools: Is More Security Better Security?

Recently, we attended several industry events. Looking around the vendor halls, we saw no fewer than 30 vendors providing cybersecurity tools. All of them presented value and hit different portions of the attack surface. We got to thinking, though: if we were an MSP, we would be completely overwhelmed by the number of options in front of us. Do you need all of these solutions to have true cybersecurity protection? How do you keep up with all the solutions available, stay on the cutting edge of cybersecurity threats, and ensure your MSP is running smoothly and profitably with satisfied customers? In short, you can’t.

As a result, we see far too many MSPs subscribing to the theory that more security is better security, layering 10 to 15 solutions, at various levels of implementation, hoping that they cover enough layers of the attack surface to feel protected. This leads to more vendors you pay monthly, more tools you need the expertise to support, more configurations you need to manage effectively to actually secure your clients, and more dashboards you need to have front and center at all times. The result is more exhausted engineers, more alert fatigue, more potential for a breakdown, and an increased risk of attack/breach: the exact opposite of what deploying all these tools was meant to achieve.

Not to mention, with a new cybersecurity provider entering the game nearly every day, you need to be in constant R&D mode to ensure that you’re keeping up with all the latest and greatest tools, products, and even marketing terms.

Cybersecurity Tools: MDR and the Alphabet Soup

Take, for example, MDR (Managed Detection and Response). Fairly simple premise, right? Someone or something is monitoring, detecting, and responding to threats in a way that is not reliant solely on the tools. We get asked regularly, does BLOKWORX offer MDR? The short answer is “Of course.” In reality, there is a lot more nuance than most people in the industry will discuss. MDR can only go so far as to protect the portion of the network within which it’s deployed. Utilize our MAED service, you have MDR on your endpoints. Utilize SCUD, MDR for the cloud. SNPR? Firewalls.

Utilizing MDR for one portion of your network does not mean you have fully deployed MDR. Nor does it mean you can even really check the box on an insurance form that you utilize MDR. In our case, you’d need to subscribe to MAED, SCUD, and SNPR (all of which are fed into Stellar Cyber’s open XDR platform, a single pane of glass that normalizes data ingested across your network) for us to say that you’re truly offering MDR to your clients.

The problem with most in the industry today is that they’ll excitedly tell you that they offer MDR when, in reality, they’re only delivering MDR for one portion of the network/attack surface, leaving gaping holes while pumping you full of confidence that your solution is fully protecting your clients.

What Can You Do About It?

We get it. There are far too many developments popping up for you to remain confident in delivering cybersecurity services, as well as running your day-to-day MSP/IT operations. That’s exactly why BLOKWORX exists. So, what exactly should you do when it comes to truly vetting that new shiny penny?

  • Look beyond the marketing terms. If someone is blathering alphabet soup at you, and you’re getting confused with their sales pitch, they don’t know the solution any better than you do. Run, far and fast.
  • Just one more tool. If the tool is marketed as one more layer, one more addition, one more thing, you must very carefully assess its value to your life. A better question to consider: does this displace any current solution while offering something more complete or comprehensive?
  • Does it take something off your plate or add one more thing for your technicians to deal with? How much time are you going to be dedicating to this new solution? Is the juice worth the squeeze when it comes to the value presented? Salespeople will tell you their solution will solve all the world’s problems. See if you can take it for a test drive or POC to truly test the claims.
  • What does the onboarding process look like? The Channel is notorious for ridiculously painful product onboardings. They take hours of time and thousands of brain cells in frustration. Look for people that can truly help you and offer white-glove onboarding services.

At the end of the day, there is finite room in our budgets, solution stacks, expertise, and alert responsiveness. Are you subscribing to a “more security is better security” philosophy, or truly looking for the few solutions that best protect you and your clients?