Managed detection and reponse (MDR)

The growing demand for managed detection and response (MDR)
Threat detection/response is a high priority, but many organizations don’t have the staff or skills to perform these tasks alone. This translates into a growing MDR market.
According to recent research, 82% of cybersecurity professionals agree that improving threat detection and response is a high priority at their organization. Furthermore, 77% of cybersecurity professionals surveyed say business managers are pressuring the cybersecurity team to improve threat detection and response.

So, what’s the problem? Threat detection and response ain’t easy. In fact, 76% of those surveyed claim that threat detection and response is either much more difficult or somewhat more difficult than it was two years ago. Why? Cybersecurity professionals point to issues such as an upsurge in the volume and sophistication of threats, an increasing cybersecurity workload, and a growing attack surface. And let’s not forget the impact of the cybersecurity skills shortage. Many firms lack the right staff and skills to make a significant dent in this area.

Rather than deploying yet another tool, many CISOs are turning to third-party service providers for help, making managed detection and response (MDR) one of the fastest-growing segments in the cybersecurity market. The report available reveals that 27% of organizations are actively pursuing an MDR project, while another 11% plan to pursue an MDR project in the future.

Why organizations want managed detection and response (MDR) solutions
32% say their organization needed rapid threat detection and response improvements and decided that MDR provided a faster path than a homegrown approach.
29% claim that their organization is already working with one or several managed security service providers (MSSPs), so adding MDR seemed like a good business and technical decision.
28% believe an MDR provider can do a better job of threat detection and response than their organization can.
27% admit that their organization tried threat detection and response technologies but found them to be beyond their abilities, so they turned to MDR as an alternative.

Let’s face it, threat detection and response requires advanced skills that most organizations don’t have. Additionally, the technologies used for threat detection and response (i.e. endpoint detection and response (EDR), network traffic analysis (NTA), malware sandboxes, threat intelligence, security analytics, etc.) can be expensive and complicated. Given this data, it’s abundantly clear that many organizations will throw in the towel and seek help from MDR players.

Source: ESG Research and Advisory