Skip Navigation
BlackBerry Blog

Maintaining and Improving Enterprise Security Posture With Managed XDR

In a recent MarketPulse survey study conducted by Foundry for BlackBerry on extended detection and response (XDR), in July 2022, several goals were identified as challenges to maintaining and improving enterprise security posture. These obstacles included the level of awareness around XDR. In this blog, we will dive under the covers of this study to glean a deeper understanding of the benefits derived from engaging with a managed security services provider, improvements gained from advanced detection capabilities, challenges of evolving threats, and the difficulties in determining the status of your cybersecurity.

Benefits of Managed Security Services

There are at least two very key benefits from engaging with a managed security services provider (MSSP) according to the survey, with over 50% of respondents realizing the ability to redeploy key IT and cybersecurity resources to focus on more strategic security needs for the company. Over 40% of respondents were able to address their security skills and resources gap by having a 24x7x365 monitored IT environment with visibility over the entire estate — if implemented properly with highly-skilled cybersecurity professionals doing the work.

Over 43% of respondents from small and medium-sized businesses (SMBs) are reporting that there are definite improvements in advanced threat detection as well as remediation when partnered with an MSSP. This is mainly due to the fact that MSSPs often have more advanced capabilities. Typically, these include managed detection and response (MDR) and managed extended detection and response (MXDR) technologies, which bring increased speed of detection and rapid reaction to reduce the gap between mean time to detect (MTTD) and mean time to respond (MTTR).

As the threat landscape continues to evolve and grow, organizations often struggle with the need to continually evolve their security portfolio to support these changes, with 53% of respondents citing their concerns in these areas. Consequently, many organizations are behind the times with various security solutions they've implemented. Hence, one of the ways to shortcut this issue is to work with a trusted security partner. As they are always updating and enhancing their security platforms for many different clients, they are able to accomplish this much more cost-effectively.

Managed Services and Security Visibility

From the survey, 77% of organizations consider it challenging to gain a holistic picture of their organizational cybersecurity status. This means that one of the bigger advantages of utilizing trusted security partners and security solutions providers is the ability to have an ongoing view of your cybersecurity status. Partners will help your organization implement cybersecurity solutions that gather key performance indicators (KPIs) throughout the IT estate, and produce either a visual representation of the progress, or lack of progress, or provide a scoring mechanism that demonstrates the same. Essentially what is needed for the CISO and executive management is a simplified way to describe the current security posture at any point in time.

With the array of potential telemetry sources within an IT estate, 76% of organizations consider it a challenge to analyze data from multiple sources to detect, prevent, and respond to cyberattacks on a 24x7x365 basis. Many organizations view this as a critical issue and seek out MSSPs to help. For organizations to do this on their own, it would take hiring a number of specially trained security professionals, implementing specialized monitoring technology, numerous procedures, playbooks, and processes. It becomes a costly venture for most organizations, especially SMB organizations.

Ransomware and external cyberattacks are most concerning for organizations today. In this recent survey, ransomware ranked second with 70% of respondents, only behind a general concern (72%) around external cyberattacks. Cyberattackers are not letting their foot off the gas and will continue to find new and more creative ways to attack an organization. Currently, ransomware is by far the biggest threat to most organizations because of the damage, disruption, and cost.

Given all these challenges, what are organizations to do?

According to the survey, 79% of organizations say they are likely to consider a managed XDR solution or approach during the next 12 months. As mentioned above, organizations need to identify a trusted cybersecurity partner with advanced SOC (security operations center) capabilities, processes, procedures, playbooks, and technology such as XDR. With a managed XDR platform, organizations can cut out the need to build a full security operations capability and almost immediately begin to realize the benefits in coverage, visibility, accuracy, and reduced risk of attack.

Philip D. Harris

About Philip D. Harris

Philip D. Harris, CISSP, CCSK, is Research Director, Risk, Advisory, Management, and Privacy at IDC.