Key ways managed detection & response (MDR) helps with compliance

In recent years, awareness of compliance issues has expanded across enterprises of all types and sizes, reflecting the growing scale and reach of compliance responsibilities. For example, security practitioners are at the sharp end of the need to implement controls and processes to put compliance requirements into effect.

Recently, I had a great opportunity to quiz Josh Davies, an expert in Managed Detection and Response (MDR) about how the service from Fortra helps its customers with compliance. We covered a broad range of MDR capabilities, going far beyond the implementation of controls and into advanced requirements that are often the remit of Governance Risk and Compliance (GRC) solutions.

In the context of the NIST Cybersecurity Framework (for example), the scope of MDR is considerable. MDR can reduce the risk of attack; if an attack does happen, it is more visible, and the impact may be reduced as well as the cost of its aftermath. Security-related compliance requirements often have similarities across different regulatory/standards and addressing these commonalities can be enabled by the solution or built into the service by an MDR provider. This is great news for anyone holding their organisation’s GRC remit: The more that compliance responsibilities can be devolved into operational systems and processes, the better the overall benefit.

Here are five examples of key ways customers can use MDR to reduce the burden of compliance:

• Stay ahead of changing compliance responsibilities.
  Fortra uses market intelligence to monitor upcoming regulatory changes, planning the necessary changes and communicating with customers ahead of the compliance deadline.
• Automation helps raise customers’ capability levels to a high standard and reduce costs of compliance.
  It’s in the interests of MDR providers to continuously improve, and to incorporate best practices. In terms of compliance, this approach develops the capability to meet the intention of the security mechanism, rather than just adhering to the literal wording of compliance obligations. MDR providers also invest in automation because of the scarcity of advanced security skills, enabling SOC workers to take on tasks which provide the highest value possible. This approach also helps workers retain skills, as they don’t have to perform repetitive or low-skilled tasks. Automation additionally drives down time spent on individual tasks, which helps to reduce resolution times.

• Helps to reduce customers’ cyber-insurance premiums
  For a customer, evidencing the right level of capabilities within their MDR service can help reduce the cyber insurance premium they pay. The full scope of these protection mechanisms can all be organised and reported by the MDR service.

• Reduces the burden of providing the extensive evidence to submit a cyber-insurance claim
  Evidence supporting a claim is drawn from immutable data within the MDR solution. Broad-scope MDR offerings, such as Fortra’s, can provide the timeline of an attack, including events, actions, and touchpoints as it progressed.

• Helps organisations to meet demanding deadlines for reporting data breaches
  MDR can generate reports of the sequence of incidents related to a breach as they happened. These can include documentation on all metrics from across the attack surface, including any relating to third parties (which are now often included within the scope of compliance obligations).

Josh Davies of Fortra expands very engagingly on these important areas in our InAudio podcast below. He and I would both be interested in any questions and comments you have after you listen to it.