Access your Pro+ Content below.
MSSPs add advanced threats as managed security services gain hold
This article is part of the Information Security magazine issue of April 2017, Vol. 19, No. 3
Virginia's Arlington County government first signed up with a managed security service provider to offload some of the cost and resource burdens associated with maintaining a constant state of cyber readiness. That was more than a decade ago. Over the years, its relationship with MSSPs has since morphed from vulnerability risk assessments to critical security information and event management (SIEM) functions across government departments and offices throughout Arlington, the second largest city in the Washington, D.C., metropolitan area. MSSPs provide the county with real-time cyber health assessments and immediate breach notification, which is vital to the government's ability to deal with the current threat environment and attack surface. "A firm that offers 24/7 year-round threat monitoring, detection and response can provide [Arlington County] a level of resources it couldn't otherwise create or afford independently," said David Jordan, the chief information security and privacy officer at Arlington County, who has held the ...
Access this PRO+ Content for Free!
Features in this issue
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'?
The vice president and CISO of ViaWest, Ilg is tasked with keeping the IT managed service provider and its cloud services secure.
Why nation-state attribution plays a major role in the U.S. government's willingness to share cyberthreat intelligence with private-sector companies.
Columns in this issue
Despite increasing levels of specialization, managed security service providers often don't understand the business you're in. That may be changing.
Grassroots efforts to shift cultural thinking in information security have had a positive effect, the former professor of computer engineering says.