ES Episode13

From Security Weekly Wiki
Jump to navigationJump to search

Episode Audio

Enterprise Security News

To MSSP or not to MSSP

Goal: Implement security in my organization so that I don’t have to or I can’t, shift the liability

Fit: We should be able to call them and make them do security for us

Measure: We don’t get hacked

Goal: Provide monitoring and detection service to remediate the low-hanging fruit

Fit: Integrates with our current security policies, procedures and processes (SLA!)

Measure: We prevented X number of incidents and saved X number of dollars on internal security systems by using an MSSP

Tip: If its cheaper to do it yourself, then do it…

Co-Manage vs. Managed

Firewall, IDS/IPS, VPN and SEIM = Good MSSP

Patch management, DNS = Bad MSSP

Endpoint security = Somewhere in the middle