Jamie Bsales

The Insider’s Guide to Cybersecurity: Managed Detection and Response Is Imperative for SMBs

MDR/XDR is not just for enterprises

Feb 19, 2024 7:00:00 PM




In this series, in conjunction with Agile Cybersecurity Solutions (ACS, our cybersecurity testing and consulting partner), Keypoint Intelligence investigates the many facets of cybersecurity to deliver insight and strategy. Check back here often for more free information and insights to help you navigate the potentially treacherous waters of cybersecurity.



In previous posts, we have spelled out the benefits of managed detection and response (MDR). In fact, this handy infographic summarizes MDR, extended detection and response (XDR), and their benefits. Admittedly, however, resource-intensive MDR—which combines continuous monitoring of an organization’s digital assets with an “always-on” incident response team to defend and/or respond to a cyberattack—has largely been the province of enterprises with the in-house IT resources to staff the effort or pockets deep enough to pay for an outside MDR provider. That has left most companies unprotected…which is not good.


“The market has been experiencing a significant uptick in breaches this year in the US, most of which have been targeting the smaller to mid-sized organizations with limited cybersecurity budgets,” said Carlos Fernandes, Founder and CEO of Agile Cybersecurity Solutions (ACS). “These are what the perpetrators consider low-hanging fruit.”


For example, a prominent accounting firm was recently breached and more than 100GB of sensitive client data was exfiltrated. The perpetrators are now aiming to extort the firm, threatening to upload all of the sensitive data onto the dark web and notify their clients. The fact that this is transpiring during tax season—the firm’s busiest time of year—makes the breach that much more burdensome. “The saddest part of the story is that we met with them less than two years ago and their response was, ‘We don't have a budget for cybersecurity services. We will take a pass’,” added Fernandes.


That accounting firm is not alone. According to Accenture’s Cybercrime study, only 14% of SMBs are prepared to face such an attack. Worse, according to a report by Vistage, Cisco, and the National Center for the Middle Market, 60% of SMBs that are hacked go out of business within six months.


The advent of artificial intelligence (AI) has only exacerbated the problem. Before, a hacker had to be sophisticated to perpetrate an effective attack. Today’s AI-powered tools, however, put the required coding and execution prowess into the hands of just about any bad actor. With this omnipresent threat hovering, how can companies best prepare for such an eventuality and become more cyber-resilient? The answer: MDR-as-a-Service (MDRaaS). Instead of trying to implement an MDR effort on its own, signing up with an MDRaaS provider spreads the cost burden across all the provider’s clients. Given the scarcity of cybersecurity IT experts, it also eliminates the now nearly impossible task of staffing such a team in-house.


A complete MDRaaS program will include:

  • Continuous monitoring
    • 24/7/365 monitoring of the IT infrastructure, including endpoints, networks, and cloud environments.
    • Utilizes technologies like security information and event management (SIEM), endpoint detection and response (EDR), as well as network detection and response (NDR) to gather and analyze logs, events, and network traffic.
    • Looks for suspicious activity, potential breaches, and anomalies that might indicate a cyberattack.
  • Threat detection and analysis
    • Security experts analyze collected data to identify and prioritize potential threats.
    • Uses threat intelligence feeds and machine learning algorithms to stay ahead of emerging threats.
    • Alerts users to high-priority threats and provides actionable insights.
  • Incident response
    • MDRaaS providers have dedicated teams to respond to security incidents in real-time.
    • They investigate the incident, contain the threat, and minimize the damage.
    • May involve steps like isolating infected systems, patching vulnerabilities, and collecting evidence.
  • Reporting and communication
    • Regular reports on the security posture of the IT environment.
    • Proactive communication about identified threats and ongoing mitigation efforts.
    • May also offer guidance and recommendations for improving overall security posture.


Of the ill-fated accounting firm, Fernandes notes, “There are no guarantees but, if the company had an MDR solution in place, they would have reduced the possibility of this breach occurring by 98%. The bottom line: Pay now or pay later. In cybersecurity, later is always more expensive.”

