Bizwave

Midsize enterprises seeking to bolster security and enhance threat detection and response face important choices for security event monitoring between MSSP and MDR providers.

A recent paper by Gartner mentions how, “Resource-challenged security and risk management leaders at midsize enterprises (MSEs) are increasingly concerned about detecting threats and complying with regulatory mandates. Selecting the proper technologies and services will improve security event monitoring capabilities when facing staff and budget constraints.”*

Gartner recommends MSEs, “Outsource security services to a MSS or MDR provider if the IT team does not have enough staff to dedicate to running and using the necessary security monitoring tools, especially if 24/7 monitoring is required.”*

RECOMMENDATIONS FROM THE GARTNER PAPER:

Initially consider central log management (CLM) if their organization has constrained resources, less complex use cases and a higher risk tolerance.
Use security services before buying more technology and attempting to “do it yourself.”
Use co-managed technology services when control over technology selection and use is required, but resources are constrained to operate and provide 24/7 monitoring.
Purchase a SIEM solution and build a security operations center (SOC) only when they have use cases that are too complex to outsource to a provider.

*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Exploring Security Event Monitoring Options for Midsize Enterprises

Related Content