Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Security response

1 - Companies Increase Their Reliance on MSSPsCompanies Increase Their Reliance on MSSPs

The highest spending priority on security should be on ways to improve the ability to respond to confirmed attacks. This opens big opportunities for MSSPs.

2 - Managed Security ServicesManaged Security Services

Nearly 9 out of 10 organizations surveyed have an internal or external SOC, and 64% of organizations receive some security assistance from MSSPs.

3 - Augmented SecurityAugmented Security

For organizations that already use MSSPs, the median work with two service providers.

4 - Investment PrioritiesInvestment Priorities

Organizations plan to invest in three major areas—responsiveness, detection and investigation—to improve their capabilities over the next 12 to 18 months.

5 - Partnership Status QuoPartnership Status Quo

Over the next 12 to 18 months, 71% of respondents expect their MSSP use to remain the same, while 19% plan to increase their MSSP partnerships, and 10% expect it to decrease.

6 - Top Reasons to Work With MSSPsTop Reasons to Work With MSSPs

• Provide security monitoring and monitoring coverage: 21%

•Improve advanced threat detection: 18%

•Help with SOC, incident response, hunter staffing, and skills shortages: 18%

7 - Actionable IntelligenceActionable Intelligence

Almost 70% of the organizations surveyed reported using a security information and event management (SIEM) solution.

8 - SIEMs and MSSPsSIEMs and MSSPs

93% of organizations that use external security services are highly likely to have those services involved with the SIEM system, while 71% ask their MSSP to run day-to-day SIEM operations.

9 - Types of Security TeamsTypes of Security Teams

The four types of security teams used by organizations are Tier 1 SOC analysts, Tier 2 SOC analysts, hunters who proactively hunt for threats and can declare incidents, and incident responders.

10 - Security InvestmentsSecurity Investments

About 40% of organizations that don’t use all four types of security teams plan to increase their use of MSSP employees in one or more of those functions over the next 12 to 18 months, while 40% will deploy internal people. 60% will invest in tools for these teams.

11 - Overwhelmed by AlertsOverwhelmed by Alerts

93% of SOCs are unable to properly address all incoming alerts, and 25% believe that has resulted in a moderate to severe business impact due to uninvestigated reports.

12 - Ad Hoc SecurityAd Hoc Security

26% of the survey respondents operate in reactive mode, with ad hoc approaches to security operations, threat hunting and incident response.

13 - Rising IncidentsRising Incidents

67% of respondents reported an increase in security incidents. Of these respondents, 57% said the rise of incidents is due to more attacks, and 73% believe they can better identify the attacks.