Insights into cybersecurity MSSP expectations

How do Canadian businesses feel about their Managed Security Service Providers (MSSPs)? Is outsourcing cybersecurity strategy and tasks to external parties seen as a strong investment, a cautionary tale, or something in between?

The recent results from the Canadian Cybersecurity Managed Services Survey, conducted by KPMG’s Managed Security Services and Security Operations Center, paint a complex answer to these questions. While cybersecurity investment and prioritization has increased for many organizations across the board, security and business leaders had more than a few ongoing concerns.

Animated circle statistical graphic showing 66% 66%

66% of executives surveyed expressed doubts about their choice of MSSP, particularly when it comes to managed detection and response (MDR)

Animated circle statistical graphic showing 65% 65%

65% reported challenges in finding a provider that can meet their specific cybersecurity needs

Animated circle statistical graphic showing 69% 69%

69% of respondents said they’re concerned about their MSSP’s security practices and want more insight into what they do

What does using a MSSP mean in cybersecurity?

Due to various industry and circumstantial variables, including a shortage of cybersecurity talent and budget constraints, many organizations are turning to MSSPs to lighten internal workloads and scale productivity to ensure every goal is met and tasks completed to a high standard.

However, this reality doesn’t mean executives are willing to unquestionably turn the keys over to their cybersecurity MSSPs. Based on the survey’s findings:

Animated circle statistical graphic showing 55% 55%

55% of respondents plan to oversee their service provider’s activities at a high level and get involved mainly from a strategic vantage point

Animated circle statistical graphic showing 45% 45%

45% of respondents want their IT teams to work side-by-side with MSSPs in a hands-on capacity

How can organizations and their service providers bridge any trust gaps and build transparent communication channels that minimize risk and consistently detect and report cyber threats? Learn more by delving into the full report.

What is the benefit of a MSSP in cybersecurity?

The benefits of engaging a MSSP to create and help execute on a cybersecurity strategy are many. External vendors can help reduce the cost of operating a cybersecurity team and ensure that internal teams are freed up to focus on innovation-oriented projects.

However, despite those positives, it can be difficult to demonstrate a strong ROI for a MSSP internally, especially if performance isn’t being tracked with the proper value-add KPIs. Find out what performance indicators leadership should focus on and learn about common indicators of a strong MSSP you’ll be good about teaming up with.

What is the downside of a MSSP in cybersecurity?

In spite of all the upsides of engaging a MSSP, there can be downsides that come with shipping certain responsibilities to an external party. Canadian companies are uneasy about the lack of insight into daily or weekly activities, particularly when communication with a MSSP isn’t as clear or detailed as they’d like. Negatives in those areas can erode trust, which can lead to a feeling you’re not getting value for the cost of the MSSP contract.

The important takeaway is that there are options out there for businesses looking to increase visibility, productivity, and budget allocated to MSSPs and cybersecurity more generally. For more information on those solutions to common problem areas, get a copy of the full report.

Innovative MSSP options that are ahead of the curve

By combining industry-leading technology, deep technical expertise, and a proprietary threat intelligence model, cutting-edge vendors like KPMG’s Managed Security Services & Security Operations Center can meet your organization's cyber security needs, regardless of industry or size.

  • Our dedicated Canadian delivery team provides comprehensive, scalable, and fully customizable security solutions.
  • Our Managed Detection and Response (MDR) service leverages your existing technology stack to power our correlation and automation tools.
  • Our security operations and advisory capabilities also fuel continuous improvement to respond to evolving priorities regarding monitoring, detecting, and responding to real-world cyberattacks.

Don’t settle for a vendor you’re unhappy or unfamiliar with. Talk to a KPMG cybersecurity specialist today and discover how we can help you attain all your objectives now and in the future.

Read our Canadian Cybersecurity Managed Services Survey report to learn more about:

  • The biggest cybersecurity challenges modern organizations face
  • The level of insight security executives want into MSSP activities
  • The ways organizations can build trust with MSSPs
  • The ingredients for a successful relationship with a cybersecurity vendor
  • The performance indicators that can help security leaders increase budget
     

Connect with us

Stay up to date with what matters to you

Gain access to personalized content based on your interests by signing up today

Connect with us