Selecting a Managed Security Service Provider is one of the most important decisions a security team will make. Choosing the right partner will often determine the success or failure of the initiative. The following information highlights the most important factors to look for when evaluating a MSSP. Since a provider is meant to be an extension of an organization's security team, they must be strong across the three fundamental areas of security: People, Process and Technology. Organizations should consider the following factors to ensure a successful partnership.
Like any other discipline, people are the most important part of a security program. A provider must have talented people analyzing events, managing devices and guiding the company. A company evaluating a provider should pay particular attention to the qualifications of the intrusion analysts. Many MSSPs tout the number of CISSPs at their organization. While the CISSP is respectable certification, it is not an operational-level certification and should not be given much weight at this level. Instead, security teams should look for an MSSP's intrusion analyst team to possess a more practitioner-level certification, such as SANS' Global Information Assurance Certification (GIAC). In particular, intrusion analyst teams should specialize in the GIAC Intrusion Analyst track, which provides them with the tools they need to rapidly identify, analyze and respond to threats. Organizations should feel confident in their provider's ability if 100% of the MSSP's analysts carry a GIAC Intrusion Analyst certification.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.