Transforming an organization’s infrastructure in order to capitalize on new capabilities brings with it a need for new approaches in security as well. Managed Detection and Response (MDR) is an increasingly attractive alternative to the costs and complexity of buying more technology and hiring more staff. Buyers are highlighting the outcome-focused mission of MDR, but an influx of new vendors are offering very different solutions, creating confusion.
In response to the rising need for clarity, “The MDR Manifesto” was created, establishing a definition of managed detection and response that provides a list of the core tenets that an effective MDR solution must include. Among these is the requirement for scaling to meet the growing needs, and threats, of a transforming environment. Scalable MDR can deliver technical analysis and human insights across dynamic environments.
The Evolution of Scalability
Recently, Involta’s CISO, Annalea Ilg, and Jack Danahy, SVP and Chief Evangelist at Alert Logic hosted a webinar to discuss the characteristics and urgency of scalability around MDR.
The speed with which scalability has evolved from a differentiator to a table stake for service providers.
The role of the local data center has diminished as organizations migrate to the cloud and shift to containerized application deployment across a hybrid cloud infrastructure. As a result, there is a rapidly growing number of assets that can scale up or down exponentially in a matter of minutes. All of these need to be monitored and protected, but legacy security tooling was never meant to deal with this kind of dynamism. This means, that in order to have effective MDR, you must include new tooling capable of both expanding capacity and identifying security issues as the environment scales up and down. Furthermore, there should be enough human security experts, armed with the skills, tools and automation, to analyze the events that are identified.
The acceleration in the need for scale and the role automation plays
Jack posed to Annalea, “What does scaling look like a few years from now, and what do you think is going to be most likely to impact how we prioritize and optimize our coverage?”
Dramatic growth of data for organizations, including security data, will have the biggest impact on what scaling looks like a few years from now and shape how organizations prioritize and optimize coverage. The volume of data will continue to expand and organizations will need to be able to parse it more quickly and more contextually. Much of cybersecurity today still revolves around correlating events with asset information, but the expectation is that we will see a shift to a strategy driven by threat intelligence, asset intelligence and business impact awareness.
About the Involta and Alert Logic Partnership
Involta and Alert Logic work together to deliver effective MDR and address the cybersecurity needs of clients. Involta’s proven understanding of security, transformational technology and organizational priorities during periods of change, in combination with Alert Logic’s leading position in the creation and delivery of MDR, creates a unique perspective on the capabilities required to deliver value.