Trends for Managed Detection and Response

June 26, 2023
| No comments
Trends for Managed Detection and Response Photo by Austin Distel on Unsplash

Share post

Services such as Managed Detection and Response (MDR) or Managed Security Services are among the most important current trends in IT security. The demand is the reaction to the upheavals in cyber security in recent years, also because of the problem of skilled workers.

A problem that affects all companies when it comes to IT security: A rapidly developing danger landscape with more risks and at the same time an increasing shortage of specialists. More and more companies are therefore forced to look out for external help from suitable partners. Companies have to react - to greater demands from new risks and to a market that finds a new balance between supply and demand. Three tendencies prompt decision-makers in companies to take action.

Managed security as a solution

One thing is certain: managed security services are a growth market. Gartner experts estimate that by 2025 every second company will use services for threat monitoring and for detecting, defending against or containing attacks. The analysts of Frost and Sullivan predict MDR sales of around 2024 billion euros for 1,9.

In Germany, too, the demand for MDR and external SOC services is growing across all sectors. As in other countries, IT security managers are looking for an external security team or a security operation center. This is confirmed by the results of the Bitdefender 2023 Cybersecurity Assessment Report, for which IT decision-makers in companies with more than 1.000 employees were surveyed.

  • 44,1% of those surveyed gave round-the-clock monitoring by a managed security provider as the most important argument in favor of MDR.
  • 42,7% want to relieve internal IT human resources.
  • 33,8% want manageable information instead of a flood of alerts. Other reasons go even deeper:
  • 30,9% even of these large companies do not have the capacity to deal with the complex threat situation.
  • 27,9% seek proactive threat hunting,
  • 26,5% improved compliance, 25% the help of security analysts and 19,1% just a feeling of security.
  • Only 1,47% say they neither use nor plan to use such a service.

Although the market has outgrown its infancy, it is still developing at a rapid pace and is in the process of maturing. This has an impact on the options available to companies when it comes to IT security and how to deal with risks. You have to react, not only to the new risk situation, but also to the new behavior of providers in the MDR market. Three trends are having an impact now and in the medium term:

Trend 1: MDR becomes a cyber insurance case

Jörg von der Heydt, Regional Director DACH at Bitdefender. Image source: Bitdefender

Jörg von der Heydt, Regional Director DACH at Bitdefender (Image: Bitdefender).

MDR/SOC services and service providers not only help companies with technology and expertise, but above all with a continuous view of IT events, an accurate and fast security analysis and additional telemetry data that shed light on the potential current risk situation. The providers of cyber policies see these opportunities for MDR partners to provide information and analyze the risk situation. According to Forrester's forecast, cyber insurance companies will acquire MDR providers themselves. On the other hand, they increasingly require their policyholders to use such a service if they lack the skills and resources for effective IT defence.

Telemetry data affects cyber insurance premiums

Insurers will simultaneously consider data on telemetry, attacker activity and other information about their prospective policyholders that the customer's MDR services provide to them. This affects premiums, claims coverage and reimbursements paid out.

What should companies looking for or already working with an MDR service provider do? You should know what data from the MDR provider an insurance company has access to and how they use it. The companies should make sure to what extent the assumption of damage and the amount of the damage are affected. They inquire whether they have a say in the disclosure of information. Most companies would be reluctant to accept that third parties know about their IT.

Trend 2: More choice makes it more difficult to find the right partner

With increasing growth and market maturity, the range of managed services is growing. This increasingly includes different technologies such as multi-factor authentication, backups or defense against targeted attacks on small and medium-sized companies or certain industries.

Advanced MDR services will operate as fully functional and independent outsourced cyber security departments in the future with Managed SecOps, External Attack Surface Management (EASM), a Managed Security Operation Center (MSOC), identity and access management, managed backups, cloud, among others services or even a SIEM.

Spoiled for choice when it comes to the right security provider

What should companies do? As in other areas of cyber security, companies are spoiled for choice. However, you should meet these carefully and ask yourself the following questions: What does your own company need? What can your own IT not map internally? Does IT need help because it cannot securely manage multi-cloud infrastructures? Which compliance or cyber insurance requirements need to be met? Businesses should choose providers with comprehensive services instead of relying on a proliferation of numerous service providers.

Trend 3: Increasing demand for MDR

A lack of budget and economic uncertainties as well as fears of recession are putting cybersecurity decision-makers under financial pressure. They are therefore currently looking for ways to reduce costs or get the best bang for their buck. It is not for nothing that a survey by the Boston Consulting Group shows that companies want to spend more money on IT security - despite all fears of a recession.

According to the Bitdefender 2023 Cyber ​​Security Assessment Report 69,1% of IT managers in companies with more than 1.000 employees plan to increase their cyber security budget, 27,9% want to invest less in new security technologies. Only 29,4% plan to employ fewer cyber specialists. So there is money. And many companies are investing in strategic IT such as cyber security, cloud security, infrastructure and analytics, especially in customer and industry-specific MDR services. Many cyber security leaders are committing to ramping up their protections. MDR is an inexpensive lever for this.

IT Security Act or NIS 2 force action

In addition, many companies will have to react to the legislative pressure in Germany and the EU in the near future - be it through the IT Security Act or NIS 2. So the demand for MDR is likely to increase and will change the balance between supply and demand. Anyone who comes here too late, cannot find an MDR partner and thus has poorer protection becomes the preferred target for hackers.

What should companies do: They should quickly start looking for suitable MDR providers. If you start this search too late, you may find it difficult later to find the right partner.

Conclusion: MDR can be the solution for many companies

IT security officers are under pressure from multiple sources. MDR can be a valve against it - if you don't wait too long: Without MDR, cyber insurance will increase in price or cover less damage. IT security managers must therefore invest promptly. Anyone who hopes for low prices because other decision-makers in companies are canceling their investments will be taught a lesson in the near future. The search for suitable partners with a comprehensive range of services instead of a patchwork quilt of service providers does not become easier the longer you wait – because there, too, skilled workers are not easy to find.

More at Bitdefender.com

 

About Bitdefender

Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de

 

Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Darknet job exchange: Hackers are looking for renegade insiders

The Darknet is not only an exchange for illegal goods, but also a place where hackers look for new accomplices ➡ Read more

Solar energy systems – how safe are they?

A study examined the IT security of solar energy systems. Problems include a lack of encryption during data transfer, standard passwords and insecure firmware updates. trend ➡ Read more

Bitdefender, EDR, MDR, NDR, XDR, Stories
, , , ,