A New Opportunity for Resellers and MSPs, you will from time to time spot an opportunity to propose something special to your end-customer, to take their cybersecurity to a completely new level. The discussion may be the result of a damaging customer breach, a ransomware attack, a security audit, compliance requirements, cyber insurance requirements, corporate restructuring or the new purchasing conditions of an important client of your customer. But whichever it is, this modern kaleidoscope of cybersecurity sales opportunity is of course driven by the dangerous underlying escalation and “industrialisation” of international hacking.
When you hear of this kind of problem at your customer, it is time to seize the opportunity to help, with the full backing of the Titan Cybersecurity Centre behind you. While the customer will be bombarded from all directions by a mind-frazzling array of cybersecurity products and solutions, each one offering its own separate panacea, unfortunately the reality today is that the fragmentation of defence is the weakness of defence. In many cases, the soundest way to monitor, respond and deliver on management responsibility is to implement a Security Operations Centre (SOC), which is a fusion of people, software and processes that keeps 24/7 “eyes” on system activity and stands ready, in real-time, to counter the ingenuity of any level of hacker – before, hopefully, a disastrous event materialises, such as the theft or encryption of key data, corruption of data, or loss of control over industrial equipment.
Of course, the cost and difficulty of setting up an effective in-house SOC is out of the question for many organisations. An attempt may be made, but the value that is delivered may soon be called into question. And a SOC that is not 24/7 is of very limited value, because a lot of attacks happen outside business hours and they need immediate attention. Hence you may choose to offer your customer outsourced Managed SOC Services, from the Titan Cybersecurity Centre. This is a much more cost effective and practical solution, which retains the fully integrated, end-to-end security approach of an in-house SOC – but at a fraction of the cost.
So, what is Managed SOC? Managed SOC stretches beyond the scope of Managed Detection and Response (MDR), by including wrapper services that make an essential contribution to solving the real customer problem. For example, while an MDR service might rely on handing a detected problem to an in-house SOC to remediate, a Managed SOC could take the problem, at any time of night or day, and could operate on the customer’s network to investigate, contain and remediate the threat, under an agreed “power to act” and playbook. This brings peace of mind to many customers, because even a seasoned IT specialist may quake in their shoes at the idea of trying to understand and act immediately on a complex threat report, maybe at 4am on their laptop at home, and maybe with the fate of their company in their hands as the threat itself evolves rapidly in real time.
It is not just in the realm of incident response that Managed SOC can offer big advantages. The Managed SOC should be able to cover a full range of security processes, including asset discovery, continuous vulnerability scanning, behavioural monitoring on all endpoints, host-based and network-based intrusion detection, file integrity monitoring, as well as log aggregation and management using a SIEM. For the SIEM, there should be the capability to ingest any kind of log feed – and if some required connectors are in certain cases not available, then these connectors should be written as part of the Managed SOC service package, and not as a separate project.
An external Managed SOC can bring additional security benefits that many in-house SOCs may struggle to deliver. For example, the Managed SOC will be able to use knowledge about an emerging security threat which is gained from one client, in order to protect others. “Threat mining” can be carried out to research threats in the wild, in order to identify those which may present a threat to the end-customer and to ensure relevant security measures are in place in advance. The Managed SOC should be capable of monitoring the Dark Web for information that can help protect the end-customer, such as stolen credentials. Reporting should be a key strength of the Managed SOC, including the capability to build bespoke compliance reports to meet the customer requirements.
Cybersecurity is fundamentally a process and Managed SOC stands out from discrete products and services because it is a set of living, adaptable processes, based on human experts and technology platforms. Therefore, from the customer standpoint, Managed SOC can be seen as a complete security solution. For many, moving to this process solution could also be seen as an important foundation for the implementation of latest and future technologies, including for example new levels of security orchestration and automation (“SOAR” – Security Orchestration, Automation, and Response). The Managed SOC is a hive of practical expertise and cybersecurity insight, a valuable strategic ally for today and the future.
The Titan Cybersecurity Centre works with Managed SOCs that exist as part of broader Managed Security Services Providers (MSSPs). Additional “wrapper” services are available from each MSSP, such as certified penetration testing, phishing attack simulation and training, ISO 27001 certification, Cyber Essentials certification, security audit, and so on. A Managed SOC may not test its own defences, but the Titan Cybersecurity Centre provides the option of taking monitoring and defence services from the SOC of one MSSP, while taking penetration testing services, for example, from another MSSP. In this way, the concept of Managed SOC is expanded and enriched, with a sole objective – the security of the customer.
The cost-efficiency and ready-built processes of a large Managed SOC, as part of a broader MSSP, can therefore be an attractive next step for many customers to counter modern cybersecurity threats and meet compliance requirements – but only provided that the Managed SOC can enjoy the same or even greater trust than an internal department. To address this essential point, the Titan Cybersecurity Centre works only with Managed SOCs and MSSPs that are highly certified, for example with CREST and CHECK, as well as ISO 27001 and ISO 9001.
The Titan Cybersecurity Centre is the Cybersecurity arm of the international IT distributor, Titan Data Solutions. The Titan Cybersecurity Centre creates a new opportunity for Resellers and MSPs available for resale via resellers and MSPs. It offers free sales training, as well as full pre-sales support so that the reseller does not need to invest in technical resources. This all means that as a reseller or MSP, you can easily offer Managed SOC services to your customers, and these services can be delivered by the vendor in accordance with the customer requirements. Titan Cybersecurity Centre reseller contracts provide the framework for delivery of the smallest projects to the most sophisticated multi-year managed service packages such as Managed SOC.