MSSPs: The impact of Force Majeure (Bonus feature: MSSPs are a TARGET!)

Think Tank - 3:40 pm - 4:05 pm

To extend your organization's security capability, and perhaps to maximize resources, your organization has opted to partner with a managed security services provider. While this decision does provide an affordable information security infrastructure, the decision does not come without risk. Natural disasters, cybersecurity incidents, operational impacts, and even previously unaccounted for events; i.e. pandemics, could create a barrier that would prevent a MSSP from continuing to serve their clients. Further, because of the nature of the services MSSPs provide, they are likely targets for bad actors looking for a big payout. As a security leader who has chosen to partner with an MSSP, it is crucial to plan for unforeseeable circumstances that could prevent your MSSP from fulfilling their services or contractual obligations. How would your business be impacted by an unforeseen failure of your MSSP, and how would you ensure that your organization is able to continue to protect your organization? How does an organization prepare for these circumstances and still provide security with their internal security personnel? 

Takeaways: 

• Proper due diligence is imperative when choosing a MSSP, ensuring geographically dispersed Security Operation Centers, robust controls and technology
•  Treat your MSSP as a partner vs. an outsourcer 
• Clearly define what you want to monitor and measure 
• Retain in-house cybersecurity talent â?" select which services it makes sense to assign to your MSSP, for example incident detection and response 
• On-board your MSSP so they have an appropriate understanding of your environment >

Presented by:

Presented by: