The IT space really loves its 3-letter acronyms; it seems like there’s a new one every week. You may have heard of MDR recently and wondered what this one is and why you should care. MDR stands for Managed Detection and Response, and it is becoming more and more critical for all businesses to consider. Whether you’re concerned about protecting your business and clients from malware, ransomware or any of the wares, or you’re just concerned about being able to check the “Yes” box on your cyber security policy questionnaire, it’s time to consider MDR.
Due to the “cat and mouse” nature of cyber security, what was sufficient a few years ago is no longer enough today. When we think back 15-20 years, a basic anti-virus product felt like Fort Knox. Then we needed to be sure we were applying Windows Updates in the days of Windows XP. Shortly after that, Windows Firewall and gateway firewall appliances were the next big thing. Then we started moving more and more items to the cloud, pushing the security perimeter further out, and MFA became front of mind. Now in 2023, MDR is here and it’s going to become the next standard.
As cyber threats became more sophisticated, we had to stop relying on signature-based detection in AV and move to a purely heuristic model that examines all of the actions being undertaken by the computer. In many cases, the AV can block the malware and clean up the infected files, but what happens when it can’t? That’s where MDR comes in.
Having the best and most sophisticated alarm system money can buy is good, but what happens if no one is monitoring it? When the alarm is blaring, is help on the way? With MDR, the answer is yes. MDR is monitored by a 24/7/365 Security Operations Center (SOC). This SOC has the ability to isolate affected devices, begin developing a Root Cause Analysis (RCA) on what happened, where the infection came from and how it spread, and confirm that it’s been completely resolved.
On top of monitoring for and responding to cyber threats that may arise, the SOC also performs proactive services such as leadless threat hunting. When new zero-day vulnerabilities are disclosed, they will often begin looking for those vulnerabilities in your environment as well as building mitigation into their product, notifying you and Radcomp of the newly disclosed vulnerability.
Just like ogres in Shrek, security is all about layers. Radcomp is reviewing, vetting and applying patches for Windows and common 3rd-party applications, as well as deploying and maintaining industry-leading next-gen antivirus. This helps our clients achieve and maintain good cyber security hygiene and positions them to proactively reduce attack surfaces. MDR is the next layer to respond in the event of a breach or cyber incident.
Radcomp offers industry-leading MDR services through our partnership with our security vendor for true 24/7/365 SOC services so you can sleep at night.