Managed security service providers get paid by enterprise customers to stop malware or other kinds of cyberattacks, but if they fail, they face what's often a multi-million-dollar liability.
Forty million in potential liabilities are normal in SLAs, says Matthew Gyde, global general manager, security at Dimension Data, now part of NTT Group, based in Singapore, who addressed the topic at a panel discussion at the recent McAfee Focus Conference in Las Vegas. If there's a virus outbreak on the customer's network, for example, there is a limited timeframe to respond to meet the legal requirements of that SLA. "We have timeframes we have to respond to, perhaps 30 seconds," said Gyde.
There's a need at a minimum to define what's under attack and find the source. The two other managed security service providers on the panel, Digital Hands based in Florida and Lumenate based in Texas, indicated that $40 million in liability is typical in their SLAs, too. All three managed service providers (MSPs) support McAfee security products in addition to those from other vendors. They say enterprise customers typically hire a managed service provider in lieu of hiring perhaps 20 or so security staff.
Mark Geary, chief services officer at Digital Hands, said a situation might require shutting down an infected PC on a network segment, for example, in a matter of seconds. Failing to do specific actions in certain timeframes triggers the potential for liability.
The managed security services have operations centers in different parts of the world to take on specific tasks for customers. Geary said once an incident is identified, the remediation may be pushed to the customer. "We'll give it to the network administrator, and say, here's where you need to close your firewall,'" he said.
Cisco last month announced that it also wants to expand into the managed security services arena, though the company didn't specify what approach it will take. Geary said it looks like Cisco might be out to take business away, but it could turn out otherwise if Cisco looks to partner in the way that McAfee has with some managed security service providers. "McAfee has extended their arms in good will to build a MSP program," said Steve Duncan, vice president of security and strategy at Lumenate.
Sign up for Computerworld eNewsletters.