Cyber threats are increasing in both sophistication and volume every day.  As the threats and attacks grow so does the need for protection against these threats.  With many organizations lacking the resources to protect themselves,  technology companies have come up with Managed Detection and Response (MDR).    MDR is an outsource service that provides companies and organizations ways to  detect threats, respond to incidents and monitor their assets.  Watch as Frank and Harry discuss MDR and how if can help your clients. 

 

Video Transcription

Harry Brelsford  0:01 

Hey nation nation, Harry here back with Frank Ohlhorst.

 

Frank Ohlhorst  0:04 

Frank,

 

Harry Brelsford  0:05 

I think this is the first time we’ve talked since the beginning of the year, and what a year. I hope we’ll be so happy new year. So we can still say that.

 

Frank Ohlhorst  0:12 

Yep, we can still say that. And you know, so far, it seems kind of happy. Actually, you know, maybe, yeah. Maybe things are on the upswing for a lot of people. I mean, we’ve still got the COVID challenges, of course, but you know, we’ve got the vaccination rolling out, and we’ve got a lot of other things going on that might be good for the players in the channel. Yeah. Yeah. Well, I

 

Harry Brelsford  0:38 

want to talk about over on security Boulevard, you just dropped a piece called is MDR, cybersecurity training an oxymoron? We’re talking managed detection? In response go? What’s the story?

 

Frank Ohlhorst  0:49 

Well, you know, a lot of enterprises, especially the enterprises, turn to manage detection and response. Because they lack internally, the cyber skills that are needed to properly protect those enterprises. Okay. So instead of trying to go out and train an internal security staff or, you know, get into a bidding war over talent, they turn to these service providers that provide this capability to, you know, detect, not only breaches, but malware of any type, and also automate the response behind it. And so, you know, brings up a real good question, you know, if you’re an enterprise a small, medium or large enterprise that’s using MDR, do you really need cybersecurity training internally? Because, you know, you’re offloading that responsibility to someone else, from my point of view, is actually a resounding yes. Yes, you have to be able to understand, to an extent, at least have some sort of internal expertise to be able to judge how well the MDR service is performing. And also to be able to validate, you know, the the vendor that’s selling you MDR be able to validate that they know what they’re doing to and this, you know, becomes double fold for the channel. You know, you got folks in the channel that are reselling MDR services, either the self branding it, or they’re coming up with their own, or they’re, reselling something via distributor. And, you know, those players in the channel as the avenue of providing MDR service have to know what it’s all about as well. Now, I see a lot of growth for MDR out there because of the cyber skill shortage that’s currently going on. And I see, you know, our mssps and msps, and other channel partners coming up to bat to be able to handle that.

 

Harry Brelsford  2:57 

Yeah, yeah, it’s it’s not for me is, you know, I have outside business interest in other verticals. In my technology plays. I don’t I’m not a security guy, right. It’s, it’s again, it’s like health care. You got your specializations? I totally appreciate what the security gurus do. And I see the value and the importance of it. Hey, quickly, maybe you could name a couple of players in the game, is he put together your article over here at security Boulevard?

 

Frank Ohlhorst  3:28 

Well, I’m part of the purpose of the article is to really focus on the educational aspect, okay. And I spoke to the folks over at range force who has built several different educational models around cybersecurity. And the most important thing I feel that they do is they create a playground, a sandbox, where you can go and experiment with attacks without putting your own infrastructure at risk, or, you know, creating any type of danger to, you know, your production systems. So, you know, I’m looking at it from the point of view of that, you know, the ability to have that playground, that real world simulation of how an attack works gives you a better concept on how an MDR service should function. So, I’m focusing this more on the idea of knowing what MDR is, as opposed to, you know, recommending a particular vendor. Oh, yeah. This way, the, the way that either channel partner or consumer of the service can look at it, is they can say that, alright, I have some experience here. I know what MDR should do for me. And, you know, I’ve seen real world examples and play with real world examples of what what it means to have an MDR service so I can more in Intelligent links, select a service, or decide to build my own, or decide to bring, you know, various other components together to create MDR. So it’s not so much about the vendor, it’s more about the underlying knowledge that is required to really be effective with MDR instead of just throwing your hands up and shifting the burden off to somebody else, and then you’re the one who gets stung in the end, not them.

 

Harry Brelsford  5:28 

Yeah, yeah, i’ll end on this, this, this sounds a little more comprehensive. And I mean, I don’t mean to offend the next to vendor name, some of the name, but this is a little more comprehensive than KnowBe4  and looking over Stride Point, a new friend of the family, they’re more my understanding, they’re more about don’t click. Okay, that that kind of education for the worker bees don’t click the link. This is a little more comprehensive, if that makes sense.

 

Frank Ohlhorst  5:59 

Oh, yes, this is more comprehensive than I think when it comes to, you know, talking about, you know, the SMB Nation folks, you know, the channel players out there, this is about, you know, educating them to increase their opportunities in the security business. Yeah, without having to do without having to set up their own sock or anything like that, that they can turn to MDR vendors, and then they have enough knowledge to be able to translate what MDR does to their clients to be able to demonstrate the value and then still play a role in it instead of giving up that opportunity to a third party.

 

Harry Brelsford  6:37 

Yeah Cool. Well, I’ll tell you what, keep it safe. By the way, your daughter I believe, is in health care how she doing? Is she hanging in there?

 

Frank Ohlhorst  6:45 

She’s hanging in there, she’s, you know, she’s actually gotten the, the inoculation for, you know, the COVID. And so, you know, she just got the second dose of that, you know, she’s been on the front lines since February. And luckily, you know, she hasn’t, you know, gotten it. But we’re actually just coming out of quarantine because another family member of mine caught COVID and we isolated her. And so, you know, we had to quarantine and luckily we’re doing good.

 

Harry Brelsford  7:24 

All right, well, I’m doing the best I can man I upgraded to in 95 and I’m taking it very I made a I made it a year man. I made it a year let’s let’s not lose it now. Thanks, Frank. Thanks, Jenny.