Some 53% of businesses worldwide feel they lack the necessary skills on staff to keep data safe from cyber threats and attacks, according to Gartner. On the other hand, to thrive in the technologically supercharged future, businesses need to keep up with digital transformation as it evolves. Executives seem to understand the value of this in the medium to long term, but don't always have an easy time translating the digital future into the current business model.

We understand the scenario well. And with the different strategies adopted by cybersecurity service providers, it's not uncommon to have questions when choosing between them. Understanding the categories of protection services available in the market will help the executive select the one that best fits the organization's needs.

And among the various types of security as a service offerings on the market, two are the best known:

Managed Security Services (MSS);

Managed Detection and Response Services (MDR).

What is MSS?

The protection market was born as MSS. It is about operational security, quite different from a strategic service. Which means that, here, we are taking over the cybersecurity operation of a company's environment, which includes good practices among the teams that access company data and information, antivirus updates, firewall configuration with the relevant rules, online IPS and with the best possible adjustments.

There is threat monitoring, but no decision making regarding events. All alerts are sent to the customer.

The MDR evolution

MDR, on the other hand, emerged as a solution for organisations that wanted to elevate cyber security to a strategic level and thus reduce the window of risk exposure.

It is a threat detection and response service, common in the SOC (Security Operations Center) model. But while a traditional SOC only generates alerts, MDR searches for threats, which means deeper research and risk analysis. This approach enables more comprehensive and tactical solutions.

In cases where the customer has an internal IT team or an already active MSS contract, the use of MDR is complementary, offering threat detection and incident response. In this context, alert fatigue is eliminated. The customer receives 24/7 incident response support. Alerts are reported, events are triaged, and if one of them is a threat, response actions are executed.

Nowadays, with the advent of zero-day attacks happening more and more frequently, it is almost impossible to prevent an access device from being infected at some point by malware. The role of the MDR service is to detect the intrusion, as soon as possible, and respond to the incident in a way that reduces the time the attacker remains inside the device or the company network.

MDR services guarantee companies qualified security support because they combine technology with human analysis and threat intelligence. So that, in this way, no threat is overlooked. At the points where software and hardware fail, specially trained analysts step in to monitor data on access devices, networks and the cloud.

With this, the company reduces exposure to risks and keeps all stages of the business protected.

Market Vision

Concerns about breaches and other vulnerabilities have grown among corporate executives in Brazil. As a result, cybersecurity companies have had to transform their offerings and adapt to deliver the right solutions with the same market momentum. There has been innovation in areas such as SOC and cloud security.

We adapt. Not only with a robust technical capability, made up of over 100 engineers in the SOC with over 500 certifications, including PMP, ITIL, CISSP and Computer Hacking Forensic Investigator Certification (CHFI). But also, bringing to market a new concept of SOC: the Vision 2.0.

ISH's innovation was recognised in the ISG Provider Lens Cyber Security - Solutions & Services - Brazil 2020 study, which assessed the strengths and competitive differentials of 55 companies in the Brazilian cybersecurity market. It was elected market leader in 2 quadrants of the report: Technical Security Services and Managed Security Services.