Managed Detection and Response is one technology that should be in any organisations toolkit. To understand why, Enterprise Times talked with Richard Ford, Chief Technology Officer at Integrity360. A seasoned veteran of the cybersecurity business, he has seen many a tool come and go and multiple shifts in how we approach the problem of securing the enterprise.
Ford points out that for many organisations, their cybersecurity response is all about reaction, not about being proactive. But moving away from that reactive mindset is hard. It requires a rethink of the technology and processes that we use. It also requires expertise and that, in itself, is a blocker for many organisations. The shortage of skilled and trained talent directly impacts the solutions that can be applied.
Controls are another part of the equations. Ford says that often organisations don’t realise how ineffective their controls are until after an incident. More importantly, even those that have and regularly review security controls are discovering that they are not keeping pace with changes in the security landscape.
One thing that makes it hard to have effective security controls is the mismatch of tools used by the security teams. In the past, tools have been sold based on fear and the need to have multiple overlapping tools to plug gaps. But that has come at a price of complexity which, in itself, leads to gaps and mistakes.
Ford says that using a Managed Detection and Response (MDR) vendor closes a lot of gaps from security skills gaps to controls. But what else is needed? How else do you make it better?
To hear what else Ford had to say, listen to the podcast
Where can I get it?
You can listen to the podcast by clicking on the player below. Alternatively, click on any of the podcast services below and go to the Enterprise Times podcast page.