When conducting an interview with any
prospective MDR, present them with
scenarios and company-specific problems
you are facing to ensure their approach
makes sense, addresses your concerns and
assures you that you’re not being forced into
a generic solution. Finally, make sure you
understand the impact of latency on your
solution. If you use an always-on cloud-
based protection, you could be increasing
your latency and application responsiveness.
2. Think about the future
Assess your company’s present and future
technology needs and initiatives. Is the MDR
INTELLIGENT TECH CHANNELS
Issue 23
Building next-
generation
capabilities
for advanced
threat detection
and response
is a complex
endeavour that
requires significant
investment in time
and resources.
provider able to address your full range of needs? For example, are your
applications hosted in a data centre or cloud, and what’s on the horizon
in the near future? Don’t forget that any security strategy should
encompass people and processes. So, check if a potential provider is
able to offer ongoing employee training as part of their service.
3. Going beyond technology
Don’t get dazzled by the technologies on offer. You’re going to
expect a provider to be able to offer advanced technologies, such as
endpoint detection and response, behavioural analytics, specialised
forensics tools and proprietary security event management
platforms. But you should be checking for other factors too.
For example, will the MDR provider continuously assess your
organisation’s performance in terms of achieving security objectives?
Also, are they able to combine data inputs from security detection
37