
Tackling the Modern Cyberthreat Landscape with MDR

Read our latest blog to learn how MDR can help mitigate security risks and take pressure off your IT team.
August 18, 2021

As the halfway point of 2021 has come and gone, it's become increasingly clear that we are currently facing a cyberthreat landscape more complex and dangerous than anything we've seen before. And it's quite possible - more than a few would say probable - that the state of cybersecurity will only grow more complicated in the years to come.

The optimal approach to security is, in a nutshell, "everywhere and always on." For enterprises, the challenge is to actually realize this wide-ranging approach, and there's research to indicate that we are behind the eight ball in that department, to varying degrees:

  • Among 500 organizations surveyed for a report conducted by Wakefield Research, 93% stated that they’d experienced a data breach or compromise of some kind since the pandemic.
  • 49% of organizations queried in that same survey said point-blank that they were not equipped to meet the challenges of the cyberthreats they expected to face.
  • 54% of the respondents said that the firms they worked for spent too much time addressing low-level threats, which detracted from overall incident responsiveness by taking time away from more serious issues.

It might be fair to say that such a survey is a small sample size … but any security expert worth their salt would tell you those problems exist among far more than 500 organizations. Just look at the headlines full of high-profile ransomware attacks on targets including Colonial Pipeline, JBS, and Kaseya, all of which dealt collateral damage to hundreds of other businesses. It’s clear we need a robust solution to guide the way forward, and managed detection and response (MDR) technologies — when implemented alongside cutting-edge networking solutions — can fill that role.

The Changed World: Post-pandemic Cybersecurity

Most (arguably all) of the biggest cyberthreats we see today - ransomware, massive data breaches, botnets, phishing, the sabotaging of infrastructure via distributed denial of service (DDoS) tactics - were quite present well before the COVID-19 pandemic hit in early 2020. But the crisis heightened their urgency. This was, to some extent, unavoidable. Businesses had to quickly adapt to remote operations for health and safety reasons, which made it increasingly difficult for InfoSec teams to keep track of network activity.

From a work perspective, remote work has been successful for many organizations. It also opened up a new attack surface. A significant number of enterprises lack a uniform security approach across end-user devices to begin with, and this is only exacerbated by “shadow IT”: workers using a wide range of personal computers and mobiles for their professional needs, sometimes even just briefly.

Even without the remote work factor, the move to the cloud — where a majority of organizations now host their workloads — was taking place before the work-from-home explosion. Gartner expects spending on end-user cloud tech to reach $332.1 billion by the end of 2021, a 23.1% increase that all but guarantees even greater exponential growth in the next few years. It also guarantees greater risk, as blackhats are increasingly targeting the cloud. Remote work exacerbates all of this by putting even more traffic and data up in the cloud, and with anywhere from 25-30% of employees operating remotely for the foreseeable future, these issues will only persist.

The rapid emergence of new technologies ranging from devices to networks, coupled with higher bandwidth needs to support increasingly sophisticated operations (and further complicated by increased compliance and reporting requirements), makes for a lot that IT has to keep pace with. While they're getting the hang of it, malicious actors have room to attack, and if IT departments have skills gaps that go long unfilled, the danger only increases.

We're seeing the consequences of large-scale security unpreparedness unfold in real time, as exemplified by the aforementioned headline-making ransomware attacks. There will almost certainly be more stories like those in the news as 2021 unfolds. Less well-known but just as sobering examples come with the exponential increase in lower-level ransomware attacks. Not infrequently, these victims believe paying up is the easier option - which simply drives more malicious activity.

MDR: Putting Comprehensive Proactiveness Into Security

The combination of leading-edge threat monitoring (and threat-hunting) tools plus ongoing support from expert cybersecurity personnel is what makes Managed Detection and Response (MDR) so ideal for the modern threat landscape. It takes the burden of controlling a sophisticated endpoint detection and response (EDR) system off of an enterprise's shoulders, making it the responsibility of a managed services provider (MSP) and its expert security team.

Prioritization is another of the most important attributes of MDR. As we noted earlier, more than a few enterprises have a difficult time knowing which EDR alerts are urgent and which can be (at least temporarily) disregarded. Any EDR system, even one configured for an organization on the smaller end of the enterprise spectrum, will have hundreds of alerts daily. The thoroughness that allows the capture of so many alerts is valuable, but it's critical for InfoSec teams not to go down blind alleys for minor threat activity (as determined by their business risk profile).

MDR - based on response policies a business establishes with its MSP to fit its unique security needs - addresses the most pressing threats and vulnerabilities first, so that they receive an appropriate and proportional response. The system will closely analyze the circumstances peripheral to an alert regarding a vulnerability or an emerging threat. It will suggest actions that can be taken to mitigate the recurrence of such dangers. It extends proactive protection across an enterprise at a greater scale than the organization could reach on its own - creating a clear return on investment.

The Advantages of MDR from GTT

GTT offers MDR a la carte or as a seamless add-on to other managed services, and the service is particularly effective when deployed alongside SD-WAN. It is compatible with all major firewall and security solution vendors.

Our Tier 1 network provides a foundation for efficiently handled security operations (and strong overall network performance). This allows us to promise a response in less than 30 minutes within our service-level agreements. During this window, we identify, validate and investigate indicators of compromise, alert responsible parties and respond to the incident by initiating appropriate actions.

GTT offers continuous support for MDR clients, in accordance with the need for an always-on security posture. We offer daily reviews, executive summary reporting, advisory services from live security experts, in-depth incident analysis, and remediation recommendations. Meanwhile, the client portal offers full visibility into all MDR functions. To learn more about what our high-level security solutions can offer you, get in touch with us today.

About GTT

GTT connects people across organizations, around the world, and to every application in the cloud. Our clients benefit from an outstanding service experience built on our core values of simplicity, speed, and agility. GTT owns and operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. We also offer a complementary portfolio of managed services, including managed SD-WAN from leading technology vendors.

 

 
